, Nous y avonsétudiéavonsétudié leséchangesleséchanges de clés non-interactifs dotés d'une propriété additionnelle, ` a savoir que chaque utilisateur dispose d'une clé secrèté evoluant avec le temps malgré une clé publique constante. Le point important est que la connaissance d'une clé secrètè a un instant t ne permet pas d'obtenir d'information sur les clés secrètes précédemment utilisées. Ce sujet ne correspond cependant pas aux thèmes développés dans ce mémoire, dans des conférences internationales sont listées ci-dessous. Parmi elles, figure l'article Forward Secure Non-Interactive Key Exchange [PS14], publié lors de la conférence SCN, 2014.

, Short Randomizable Signatures

D. Pointcheval and O. Sanders,

E. Scalable-divisible, ;. S. Canard, D. Pointcheval, O. Sanders, and J. Traoré, ACNS 2015)

E. Divisible, ;. S. Practical, D. Canard, O. Pointcheval, J. Sanders et al., PKC 2015)

N. Desmoulins, R. Lescuyer, O. Sanders, and J. Traoré, Direct Anonymous Attestation with Dependent Basename Opening, 2014.

, Forward Secure Non-Interactive Key Exchange, 2014.

D. Pointcheval and O. Sanders,

, Delegating a Pairing can be Both Secure and Efficient, 2014.

S. Canard, J. Devigne, and O. Sanders,

, Efficient Delegation of Zero-Knowledge Proofs of Knowledge in a Pairing-Friendly Setting

S. Canard, D. Pointcheval, and O. Sanders,

S. Canard, I. Coisel, J. Devigne, C. Gallais, T. Peters et al., ICICS 2013)

, Efficient Group Signatures in the Standard Model

L. E. Aimani and O. Sanders,

, Brevets Procédé de conversion d'un premier chiffré en undeuxì eme chiffré. Brevet déposé le 22/06/2015 avec S. Canard. Procédé d'Encapsulation d'une Clé de Session

, Procédé de Délégation de Couplages Bilinéaires, Canard et J. Devigne

, Brevet déposé le 18/09/12 avec L, Procédés et Dispositifs de Signatures de Groupe Cryptographiques

. , Comparaison des performances de nos constructions avec celles de l'´ etat de l'art. . 61 6.1 Complexité des différents protocoles de preuves de DLRS, 1 Comparaison des performances de notre protocole avec celles de l'´

. .. Comparaison-entre-notre-schéma-de-signature, 114 8.3 Comparaison entre le schéma de signature de groupe décrit dans [BCN + 10] et celui instancié avec nos signatures

. , Comparaison entre un système d'accréditations anonymes utilisant nos signatures et l'´ etat de l'art

. , Liste des figures 2.1 Addition de points distincts sur courbe elliptique

. .. Protocole-de-schnorr,

. .. Pì-ece-divisible,

. , 69 6.1 Délégation de la partie utilisateur du protocole Spend

). .. Protocole-de-schnorrétenduschnorrétendu-pour-un-dlrs-r(x and ). .. , 86 6.5 Délégation de Preuves de Connaissance pour un DLRS R(? 1 ,. .. , ? m ) nécessitant moins de calculs

W. Exponentiations-de, Protocole de délégation d, p.96

, Protocole de délégation d'exponentiations de Hohenberger et Lysyanskaya, p.97

. Protocole-de-délégation-de-couplages-de-girault and . .. Lefranc, , p.98

. Mames, , p.99

C. ]. , Protocole de délégation de couplages présenté dans, p.100

. Bibliographie,

G. Ateniese, J. Camenisch, M. Joye, and G. Tsudik, A practical and provably secure coalition-resistant group signature scheme, Advances in Cryptology-CRYPTO 2000, vol.1880, pp.255-270, 2000.
DOI : 10.1007/3-540-44598-6_16
URL : https://link.springer.com/content/pdf/10.1007%2F3-540-44598-6_16.pdf

L. M. Adleman, A subexponential algorithm for the discrete logarithm problem with applications to cryptography (abstract), 20th Annual Symposium on Foundations of Computer Science, pp.55-60, 1979.

Y. Jee-hea-an, T. Dodis, and . Rabin, On the security of joint signature and encryption, Advances in Cryptology-EUROCRYPT 2002, vol.2332, pp.83-107, 2002.

M. Abe, G. Fuchsbauer, J. Groth, K. Haralambiev, and M. Ohkubo, Structure-preserving signatures and commitments to group elements, Advances in Cryptology-CRYPTO 2010, vol.6223, pp.209-236, 2010.
DOI : 10.1007/978-3-642-14623-7_12
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-642-14623-7_12.pdf

M. Abe, J. Groth, K. Haralambiev, and M. Ohkubo, Optimal structure-preserving signatures in asymmetric bilinear groups, Advances in Cryptology-CRYPTO 2011, vol.6841, pp.649-666, 2011.
DOI : 10.1007/978-3-642-22792-9_37
URL : http://www.cs.ucl.ac.uk/staff/J.Groth/GenericSign.pdf

, Référentiel général de sécurité, Agence Nationale de la Sécurité des Systèmes d'Information, 2013.

L. E. Aimani and O. Sanders, Efficient group signatures in the standard model, Information Security and Cryptology-ICISC 2012, vol.7839, pp.410-424, 2012.

M. H. Au, W. Susilo, and Y. Mu, Constant-size dynamic k-TAA, SCN 06 : 5th International Conference on Security in Communication Networks, vol.4116, pp.111-125, 2006.
DOI : 10.1007/11832072_8
URL : http://eprint.iacr.org/2008/136.pdf

M. H. Au, W. Susilo, and Y. Mu, Practical anonymous divisible e-cash from bounded accumulators, 12th International Conference on Financial Cryptography and Data Security, vol.5143, pp.287-301, 2008.
DOI : 10.1007/978-3-540-85230-8_26
URL : https://ro.uow.edu.au/cgi/viewcontent.cgi?article=2442&context=infopapers

M. Abdalla and B. Warinschi, On the minimal assumptions of group signature schemes, ICICS 04 : 6th International Conference on Information and Communication Security, vol.3269, pp.1-13, 2004.

D. Boneh and X. Boyen, Short signatures without random oracles, Christian Cachin and Jan Camenisch, vol.3027, pp.56-73, 2004.
DOI : 10.1007/978-3-540-24676-3_4
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-24676-3_4.pdf

D. Boneh and X. Boyen, Short signatures without random oracles and the SDH assumption in bilinear groups, Journal of Cryptology, vol.21, issue.2, pp.149-177, 2008.

D. Boneh, X. Boyen, and H. Shacham, Short group signatures, Advances in Cryptology-CRYPTO, vol.3152, pp.41-55, 2004.
DOI : 10.1007/978-3-540-28628-8_3

E. F. Brickell, J. Camenisch, and L. Chen, Direct anonymous attestation, ACM CCS 04 : 11th Conference on Computer and Communications Security, pp.132-145, 2004.
DOI : 10.1145/1030083.1030103
URL : http://www.hpl.hp.com/techreports/2004/HPL-2004-93.pdf

V. Benjumea, G. Seung, J. Choi, M. Lopez, and . Yung, Fair traceable multi-group signatures, 12th International Conference on Financial Cryptography and Data Security, vol.5143, pp.231-246, 2008.
DOI : 10.1007/978-3-540-85230-8_21

P. Bichsel, J. Camenisch, G. Neven, N. P. Smart, and B. Warinschi, Get shorty via group signatures without encryption, SCN 10 : 7th International Conference on Security in Communication Networks, vol.6280, pp.381-398, 2010.
DOI : 10.1007/978-3-642-15317-4_24

W. Joppe, C. Bos, M. Costello, and . Naehrig, Exponentiating in pairing groups, SAC 2013 : 20th Annual International Workshop on Selected Areas in Cryptography, vol.8282, pp.438-455, 2014.

D. Boneh and M. K. Franklin, Identity-based encryption from the Weil pairing, Advances in Cryptology-CRYPTO, vol.2139, pp.213-229, 2001.

D. Bernhard, G. Fuchsbauer, E. Ghadafi, N. P. Smart, and B. Warinschi, Anonymous attestation with user-controlled linkability, Int. J. Inf. Sec, vol.12, issue.3, pp.219-249, 2013.
DOI : 10.1007/s10207-013-0191-z

M. Bellare and O. Goldreich, On defining proofs of knowledge, Advances in Cryptology-CRYPTO'92, vol.740, pp.390-420, 1993.

D. Boneh, C. Gentry, B. Lynn, and H. Shacham, Aggregate and verifiably encrypted signatures from bilinear maps, Advances in Cryptology-EUROCRYPT 2003, vol.2656, pp.416-432, 2003.
DOI : 10.1007/3-540-39200-9_26

J. Beuchat, J. E. González-díaz, S. Mitsunari, E. Okamoto, F. Rodríguez-henríquez et al., High-speed software implementation of the optimal Ate pairing over Barreto-Naehrig curves, PAIRING 2010 : 4th International Conference on Pairing-based Cryptography, vol.6487, pp.21-39, 2010.

D. Boneh, . Eu-jin, K. Goh, and . Nissim, Evaluating 2-DNF formulas on ciphertexts, TCC 2005 : 2nd Theory of Cryptography Conference, vol.3378, pp.325-341, 2005.
DOI : 10.1007/978-3-540-30576-7_18
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-30576-7_18.pdf

S. L. Paulo, S. D. Barreto, . Galbraith, M. Colm-o'eigeartaigh, and . Scott, Efficient pairing computation on supersingular abelian varieties, Des. Codes Cryptography, vol.42, issue.3, pp.239-271, 2007.

R. Balasubramanian and N. Koblitz, The improbability that an elliptic curve has subexponential discrete log problem under the Menezes-Okamoto-Vanstone algorithm, Journal of Cryptology, vol.11, issue.2, pp.141-145, 1998.
DOI : 10.1007/s001459900040

F. Baldimtsi and A. Lysyanskaya, Anonymous credentials light, ACM CCS 13 : 20th Conference on Computer and Communications Security, pp.1087-1098, 2013.
DOI : 10.1145/2508859.2516687
URL : https://eprint.iacr.org/2012/298.pdf

D. Boneh, B. Lynn, and H. Shacham, Short signatures from the Weil pairing, Advances in Cryptology-ASIACRYPT, vol.2248, pp.514-532, 2001.
DOI : 10.1007/s00145-004-0314-9
URL : http://www.iacr.org/archive/asiacrypt2001/22480516.pdf

S. L. Paulo, B. Barreto, M. Lynn, and . Scott, Constructing elliptic curves with prescribed embedding degrees, SCN 02 : 3rd International Conference on Security in Communication Networks, vol.2576, pp.257-267, 2003.

M. Bellare, D. Micciancio, and B. Warinschi, Foundations of group signatures : Formal definitions, simplified requirements, and a construction based on general assumptions, Advances in Cryptology-EUROCRYPT 2003, vol.2656, pp.614-629

. Springer, , 2003.

S. L. Paulo, M. Barreto, and . Naehrig, Pairing-friendly elliptic curves of prime order, Selected Areas in Cryptography, 12th International Workshop, SAC 2005, vol.3897, pp.319-331, 2005.

S. L. Paulo, M. Barreto, and . Naehrig, Pairing-friendly elliptic curves of prime order, SAC 2005 : 12th Annual International Workshop on Selected Areas in Cryptography, vol.3897, pp.319-331, 2006.

V. Boyko, M. Peinado, and R. Venkatesan, Speeding up discrete log and factoring based schemes via precomputations, Advances in Cryptology-EUROCRYPT'98, vol.1403, pp.221-235, 1998.
DOI : 10.1007/bfb0054129
URL : https://link.springer.com/content/pdf/10.1007%2FBFb0054129.pdf

P. Béguin and J. Quisquater, Fast server-aided RSA signatures secure against active attacks, Advances in Cryptology-CRYPTO'95, vol.963, pp.57-69

. Springer, , 1995.

M. Bellare and P. Rogaway, Random oracles are practical : A paradigm for designing efficient protocols, ACM CCS 93 : 1st Conference on Computer and Communications Security, pp.62-73, 1993.
DOI : 10.1145/168588.168596

D. Boneh and H. Shacham, Group signatures with verifier-local revocation, ACM CCS 04 : 11th Conference on Computer and Communications Security, pp.168-177, 2004.
DOI : 10.1145/1030083.1030106

M. Bellare, H. Shi, and C. Zhang, Foundations of group signatures : The case of dynamic groups, Topics in CryptologyCT-RSA 2005, vol.3376, pp.136-153

. Springer, , 2005.

F. Boudot and J. Traoré, Efficient publicly verifiable secret sharing schemes with fast or delayed recovery, Information and Communication Security, Second International Conference, ICICS'99, vol.1726, pp.87-102, 1999.

J. Camenisch, Efficient and generalized group signatures, Advances in Cryptology-EUROCRYPT'97, vol.1233, pp.465-479, 1997.

S. Canard, I. Coisel, J. Devigne, C. Gallais, T. Peters et al., Toward generic method for server-aided cryptography, Information and Communications Security-15th International Conference, ICICS 2013, vol.8233, pp.373-392, 2013.

S. Canard, I. Coisel, G. De-meulenaer, and O. Pereira, Group signatures are suitable for constrained devices, Information Security and Cryptology-ICISC 2010, vol.6829, pp.133-150, 2010.

C. Cheon, J. Coron, J. Kim, M. S. Lee, T. Lepoint et al., Batch fully homomorphic encryption over the integers, Advances in Cryptology-EUROCRYPT 2013, vol.7881, pp.315-335, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00864327

B. Chevallier-mames, J. Coron, N. Mccullagh, D. Naccache, and M. Scott, Secure delegation of elliptic-curve pairing, IACR Cryptology ePrint Archive, p.150, 2005.
URL : https://hal.archives-ouvertes.fr/hal-01056101

B. Chevallier-mames, J. Coron, N. Mccullagh, D. Naccache, and M. Scott, Secure delegation of elliptic-curve pairing, Gollmann et al. [GLI10], pp.24-35
URL : https://hal.archives-ouvertes.fr/hal-01056101

S. Canard, J. Devigne, and O. Sanders, Delegating a pairing can be both secure and efficient, ACNS 14 : 12th International Conference on Applied Cryptography and Network Security, vol.8479, pp.549-565, 2014.
URL : https://hal.archives-ouvertes.fr/hal-01091145

H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange et al., Handbook of Elliptic and Hyperelliptic Curve Cryptography, Second Edition, 2012.

A. Hui-chan, Y. Frankel, and Y. Tsiounis, Easy come-easy go divisible cash, Advances in Cryptology-EUROCRYPT'98, vol.1403, pp.561-575, 1998.

S. Canard and A. Gouget, Divisible e-cash systems can be truly anonymous, Advances in Cryptology-EUROCRYPT, vol.4515, pp.482-497, 2007.

S. Canard and A. Gouget, Multiple denominations in e-cash with compact transaction data, FC 2010 : 14th International Conference on Financial Cryptography and Data Security, vol.6052, pp.82-97, 2010.

R. Canetti, O. Goldreich, and S. Halevi, The random oracle methodology, revisited (preliminary version), 30th Annual ACM Symposium on Theory of Computing, pp.209-218, 1998.

R. Canetti, O. Goldreich, and S. Halevi, On the random-oracle methodology as applied to length-restricted signature schemes, TCC 2004 : 1st Theory of Cryptography Conference, vol.2951, pp.40-57, 2004.

D. Chaum, Blind signatures for untraceable payments, Advances in Cryptology-CRYPTO'82, pp.199-203, 1982.

J. Camenisch, S. Hohenberger, and A. Lysyanskaya, Compact e-cash, Advances in Cryptology-EUROCRYPT 2005, vol.3494, pp.302-321, 2005.

J. Hee-cheon, K. Han, C. Lee, H. Ryu, and D. Stehle, Cryptanalysis of the multilinear map over the integers. Cryptology ePrint Archive, 2014.

J. Camenisch and A. Lysyanskaya, Signature schemes and anonymous credentials from bilinear maps, Advances in CryptologyCRYPTO, vol.3152, pp.56-72, 2004.

. Springer, , 2004.

S. Canard and R. Lescuyer, Protecting privacy by sanitizing personal data : a new approach to anonymous credentials, ASIACCS 13 : 8th Conference on Computer and Communications Security, pp.381-392, 2013.
URL : https://hal.archives-ouvertes.fr/hal-01002501

X. Chen, J. Li, J. Ma, Q. Tang, and W. Lou, New algorithms for secure outsourcing of modular exponentiations, ESORICS 2012 : 17th European Symposium on Research in Computer Security, vol.7459, pp.541-556, 2012.
DOI : 10.1109/tpds.2013.180
URL : http://www.cnsr.ictas.vt.edu/publication/06567860.pdf

T. Jean-sébastien-coron, M. Lepoint, and . Tibouchi, Practical multilinear maps over the integers, Advances in Cryptology-CRYPTO 2013, Part I, vol.8042, pp.476-493, 2013.

T. Jean-sebastien-coron, M. Lepoint, and . Tibouchi, Cryptanalysis of two candidate fixes of multilinear maps over the integers. Cryptology ePrint Archive, 2014.

T. Jean-sébastien-coron, M. Lepoint, and . Tibouchi, Scale-invariant fully homomorphic encryption over the integers, PKC 2014 : 17th International Workshop on Theory and Practice in Public Key Cryptography, vol.8383, pp.311-328, 2014.

S. Chatterjee and A. Menezes, On cryptographic protocols employing asymmetric pairings-the role of ? revisited, Discrete Applied Mathematics, vol.159, issue.13, pp.1311-1322, 2011.

S. Chatterjee and A. Menezes, Type 2 structure-preserving signature schemes revisited, IACR Cryptology ePrint Archive, p.635, 2014.
DOI : 10.1007/978-3-662-48797-6_13
URL : http://cacr.uwaterloo.ca/techreports/2014/cacr2014-18.pdf

D. Chaum, P. Torben, and . Pedersen, Transferred cash grows in size, Advances in Cryptology-EUROCRYPT'92, vol.658, pp.390-407, 1993.
DOI : 10.1007/3-540-47555-9_32
URL : https://link.springer.com/content/pdf/10.1007%2F3-540-47555-9_32.pdf

L. Chen and T. Pedersen, New group signature schemes (extended abstract), Advances in Cryptology-EUROCRYPT'94, vol.950, pp.171-181, 1995.
DOI : 10.1007/bfb0053433
URL : https://link.springer.com/content/pdf/10.1007%2FBFb0053433.pdf

H. Chabanne, D. Duong-hieu-phan, and . Pointcheval, Public traceability in traitor tracing schemes, Advances in CryptologyEUROCRYPT 2005, vol.3494, pp.542-558, 2005.
DOI : 10.1007/11426639_32
URL : https://link.springer.com/content/pdf/10.1007%2F11426639_32.pdf

L. Chen, D. Page, and N. P. Smart, On the design and implementation of an efficient DAA scheme, Gollmann et al. [GLI10], pp.223-237
URL : https://hal.archives-ouvertes.fr/hal-01056104

S. Canard, D. Pointcheval, and O. Sanders, Efficient delegation of zero-knowledge proofs of knowledge in a pairing-friendly setting, PKC 2014 : 17th International Workshop on Theory and Practice in Public Key Cryptography, vol.8383, pp.167-184, 2014.
URL : https://hal.archives-ouvertes.fr/hal-00940045

S. Canard, D. Pointcheval, O. Sanders, and J. Traoré, Divisible e-cash made practical, Public-Key Cryptography-PKC 2015, vol.9020, pp.77-100, 2015.
DOI : 10.1049/iet-ifs.2015.0485
URL : https://hal.archives-ouvertes.fr/hal-01088999

S. Canard, D. Pointcheval, O. Sanders, and J. Traoré, Scalable divisible e-cash, Full version available on Cryptology ePrint Archive, 2015.
DOI : 10.1007/978-3-319-28166-7_14
URL : https://hal.archives-ouvertes.fr/hal-01247652

J. Camenisch and M. Stadler, Efficient group signature schemes for large groups (extended abstract), Advances in Cryptology-CRYPTO'97, vol.1294, pp.410-424
DOI : 10.1007/bfb0052252
URL : https://link.springer.com/content/pdf/10.1007%2FBFb0052252.pdf

. Springer, , 1997.

D. Chaum and . Eugène-van-heyst, Group signatures, Advances in Cryptology-EUROCRYPT'91, vol.547, pp.257-265, 1991.

, Data encryption standard, 1977.

W. Diffie and M. E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol.22, issue.6, pp.644-654, 1976.
DOI : 10.1109/tit.1976.1055638

N. Desmoulins, R. Lescuyer, O. Sanders, and J. Traoré, Direct anonymous attestations with dependent basename opening, CANS 14 : 13th International Conference on Cryptology and Network Security, vol.8813, pp.206-221, 2014.
DOI : 10.1007/978-3-319-12280-9_14
URL : https://hal.archives-ouvertes.fr/hal-01091165

C. Delerablée and D. Pointcheval, Dynamic fully anonymous short group signatures, Progressin Cryptology-VIETCRYPT 2006, vol.4341, pp.193-210, 2006.

. Peter-de-rooij, On the security of the schnorr scheme using preprocessing, Advances in Cryptology-EUROCRYPT '91, vol.547, pp.71-80, 1991.

. Peter-de-rooij, On schnorr's preprocessing for digital signature schemes, J. Cryptology, vol.10, issue.1, pp.1-16, 1997.

L. Ducas, Anonymity from asymmetry : New constructions for anonymous HIBE, Topics in Cryptology-CT-RSA 2010, vol.5985, pp.148-164, 2010.

T. Elgamal, A public key cryptosystem and a signature scheme based on discrete logarithms, Advances in Cryptology-CRYPTO'84, vol.196, pp.10-18

. Springer, , 1984.

U. Feige, A. Fiat, and A. Shamir, Zero knowledge proofs of identity, 19th Annual ACM Symposium on Theory of Computing, pp.210-217, 1987.

A. Fiat and A. Shamir, How to prove yourself : Practical solutions to identification and signature problems, Advances in Cryptology-CRYPTO'86, vol.263, pp.186-194

. Springer, , 1987.

C. Gentry, Fully homomorphic encryption using ideal lattices, 41st Annual ACM Symposium on Theory of Computing, pp.169-178, 2009.

S. Garg, C. Gentry, and S. Halevi, Candidate multilinear maps from ideal lattices, Advances in Cryptology-EUROCRYPT 2013, vol.7881, pp.1-17, 2013.

C. Gentry, S. Halevi, K. Hemanta, A. Maji, and . Sahai, Zeroizing without zeroes : Cryptanalyzing multilinear maps without encodings of zero, Cryptology ePrint Archive, 2014.

M. Girault and D. Lefranc, Server-aided verification : Theory and practice, Advances in Cryptology-ASIACRYPT 2005, vol.3788, pp.605-623, 2005.

D. Gollmann, J. Lanet, and J. Iguchi-cartigny, Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010, vol.6035, 2010.
URL : https://hal.archives-ouvertes.fr/hal-00587185

S. Goldwasser, S. Micali, and R. L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM J. Comput, vol.17, issue.2, pp.281-308, 1988.

S. Goldwasser, S. Micali, and C. Rackoff, The knowledge complexity of interactive proof systems, SIAM Journal on Computing, vol.18, issue.1, pp.186-208, 1989.

D. Steven, K. G. Galbraith, N. P. Paterson, and . Smart, Pairings for cryptographers, Discrete Applied Mathematics, vol.156, issue.16, pp.3113-3121, 2008.

J. Groth, Fully anonymous group signatures without random oracles, Advances in Cryptology-ASIACRYPT 2007, vol.4833, p.132, 2007.

J. Groth and A. Sahai, Efficient non-interactive proof systems for bilinear groups, Advances in Cryptology-EUROCRYPT, vol.4965, pp.415-432, 2008.

. Gsma, White paper : Mobile nfc in transport, GSMA, 2012.

A. Guillevic, Comparing the pairing efficiency over composite-order and primeorder elliptic curves, ACNS 13 : 11th International Conference on Applied Cryptography and Network Security, vol.7954, pp.357-372, 2013.
DOI : 10.1007/978-3-642-38980-1_22
URL : https://hal.archives-ouvertes.fr/hal-00812960

A. Guillevic and D. Vergnaud, Algorithms for outsourcing pairing computation, Smart Card Research and Advanced Applications-13th International Conference, vol.8968, pp.193-211, 2014.
DOI : 10.1007/978-3-319-16763-3_12
URL : https://hal.archives-ouvertes.fr/hal-01084550

S. Hohenberger and A. Lysyanskaya, How to securely outsource cryptographic computations, TCC 2005 : 2nd Theory of Cryptography Conference, vol.3378, pp.264-282
DOI : 10.1007/978-3-540-30576-7_15
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-30576-7_15.pdf

. Springer, , 2005.

C. Hanser and D. Slamanig, Structure-preserving signatures on equivalence classes and their application to anonymous credentials, Advances in Cryptology-ASIACRYPT 2014, Part I, vol.8873, pp.491-511, 2014.
DOI : 10.1007/978-3-662-45611-8_26

F. Hess, N. P. Smart, and F. Vercauteren, The eta pairing revisited, IEEE Transactions on Information Theory, vol.52, issue.10, pp.4595-4602, 2006.
DOI : 10.1109/tit.2006.881709

M. Izabachène and B. Libert, Divisible E-cash in the standard model, PAIRING 2012 : 5th International Conference on Pairing-based Cryptography, vol.7708, pp.314-332, 2013.

A. Joux, A one round protocol for tripartite diffie-hellman, Algorithmic Number Theory, 4th International Symposium, ANTS-IV, volume 1838 of Lecture Notes in Computer Science, pp.385-394, 2000.
DOI : 10.1007/s00145-004-0312-y

S. Charanjit, A. Jutla, and . Roy, Shorter quasi-adaptive NIZK proofs for linear subspaces, Advances in CryptologyASIACRYPT 2013, Part I, vol.8269, pp.1-20, 2013.

S. Charanjit, A. Jutla, and . Roy, Switching lemma for bilinear tests and constantsize NIZK proofs for linear subspaces, Advances in Cryptology-CRYPTO 2014, Part II, vol.8617, pp.295-312, 2014.

D. Kahn, The codebreakers : the story of secret writing, 1996.

B. G. Kang, M. S. Lee, and J. Park, Efficient delegation of pairing computation, IACR Cryptology ePrint Archive, p.259, 2005.

N. Koblitz and A. Menezes, The brave new world of bodacious assumptions in cryptography, Notices of the American Mathematical Society, vol.57, issue.3, pp.357-365, 2010.

J. Ezekiel, E. F. Kachisa, M. Schaefer, and . Scott, Constructing BrezingWeng pairing-friendly elliptic curves using elements in the cyclotomic field, PAIRING 2008 : 2nd International Conference on Pairing-based Cryptography, vol.5209, pp.126-135, 2008.

A. Kiayias, Y. Tsiounis, and M. Yung, Traceable signatures, Advances in Cryptology-EUROCRYPT, vol.3027, pp.571-589, 2004.
DOI : 10.1007/978-3-540-24676-3_34
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-24676-3_34.pdf

. Springer, , 2004.

A. Kiayias and M. Yung, Secure scalable group signature with dynamic joins and separable authorities, vol.IJSN, pp.24-45, 2006.
DOI : 10.1504/ijsn.2006.010821

B. Libert and M. Joye, Group signatures with message-dependent opening in the standard model, Topics in Cryptology-CT-RSA 2014, vol.8366, pp.Fe- bruary, 2014.

K. Lee, M. Dong-hoon-lee, and . Yung, Aggregating CL-signatures revisited : Extended functionality and better efficiency, FC 2013 : 17th International Conference on Financial Cryptography and Data Security, vol.7859, pp.171-188, 2013.
DOI : 10.1007/978-3-642-39884-1_14
URL : http://eprint.iacr.org/2012/562.pdf

A. Lysyanskaya, S. Micali, L. Reyzin, and H. Shacham, Sequential aggregate signatures from trapdoor permutations, Advances in Cryptology-EUROCRYPT, vol.3027, pp.74-90, 2004.
DOI : 10.1007/978-3-540-24676-3_5
URL : https://link.springer.com/content/pdf/10.1007%2F978-3-540-24676-3_5.pdf

S. Lu, R. Ostrovsky, A. Sahai, H. Shacham, and B. Waters, Sequential aggregate signatures and multisignatures without random oracles, Advances in Cryptology-EUROCRYPT, vol.4004, pp.465-485, 2006.

B. Libert, T. Peters, M. Joye, and M. Yung, Non-malleability from malleability : Simulation-sound quasi-adaptive NIZK proofs and CCA2-secure encryption from homomorphic signatures, Advances in Cryptology-EUROCRYPT 2014, vol.8441, pp.514-532, 2014.
URL : https://hal.archives-ouvertes.fr/hal-00983147

A. Lysyanskaya, R. L. Rivest, A. Sahai, and S. Wolf, Pseudonym systems, SAC 1999 : 6th Annual International Workshop on Selected Areas in Cryptography, vol.1758, pp.184-199, 2000.

A. Langlois, D. Stehlé, and R. Steinfeld, GGHLite : More efficient multilinear maps from ideal lattices, Advances in Cryptology-EUROCRYPT 2014, vol.8441, pp.239-256, 2014.
URL : https://hal.archives-ouvertes.fr/hal-00983179

G. Maitland and C. Boyd, Co-operatively formed group signatures, Topics in Cryptology-CT-RSA 2002, vol.2271, pp.218-235, 2002.

T. Matsumoto, K. Kato, and H. Imai, Speeding up secret computations with insecure auxiliary devices, Advances in Cryptology-CRYPTO'88, vol.403, pp.497-506

. Springer, , 1990.

A. Menezes, S. A. Vanstone, and T. Okamoto, Reducing elliptic curve logarithms to logarithms in a finite field, 23rd Annual ACM Symposium on Theory of Computing, pp.80-89, 1991.

Q. Phong, J. Nguyen, and . Stern, The Béguin-Quisquater server-aided RSA protocol from Crypto '95 is not secure, Advances in Cryptology-ASIACRYPT'98, vol.1514, pp.372-379, 1998.

T. Nakanishi and Y. Sugiyama, Unlinkable divisible electronic cash, Information Security, Third International Workshop, vol.1975, pp.121-134, 2000.

Q. Phong, I. Nguyen, and . Shparlinski, On the insecurity of a server-aided RSA protocol, Advances in Cryptology-ASIACRYPT 2001, pp.21-35, 2001.

Q. Phong, I. E. Nguyen, J. Shparlinski, and . Stern, Distribution of modular sums and the security of the server aided exponentiation, 2000.

T. Okamoto, An efficient divisible electronic cash scheme, Advances in Cryptology-CRYPTO'95, vol.963, pp.438-451, 1995.

T. Okamoto and K. Ohta, Universal electronic cash, Advances in Cryptology-CRYPTO'91, vol.576, pp.324-337, 1992.

P. Torben and . Pedersen, Non-interactive and information-theoretic secure verifiable secret sharing, Advances in Cryptology-CRYPTO'91, vol.576, pp.129-140, 1992.

D. Pointcheval and J. Stern, Provably secure blind signature schemes, Advances in Cryptology-ASIACRYPT'96, vol.1163, pp.252-265

. Springer, , 1996.

D. Pointcheval and J. Stern, Security arguments for digital signatures and blind signatures, Journal of Cryptology, vol.13, issue.3, pp.361-396, 2000.

D. Pointcheval and O. Sanders, Forward secure non-interactive key exchange, SCN 14 : 9th International Conference on Security in Communication Networks, vol.8642, pp.21-39, 2014.
URL : https://hal.archives-ouvertes.fr/hal-01089001

D. Pointcheval and O. Sanders, Short randomizable signatures. IACR Cryptology ePrint Archive, p.525, 2015.
URL : https://hal.archives-ouvertes.fr/hal-01377997

B. Pfitzmann and M. Waidner, Attacks on protocols for server-aided RSA computation, Advances in Cryptology-EUROCRYPT'92, vol.658, pp.153-162

. Springer, , 1993.

R. L. Rivest, A. Shamir, and L. M. Adleman, A method for obtaining digital signature and public-key cryptosystems, Communications of the Association for Computing Machinery, vol.21, issue.2, pp.120-126, 1978.

C. Schnorr, Efficient identification and signatures for smart cards, Advances in Cryptology-CRYPTO'89, vol.435, pp.239-252, 1990.

C. Schnorr, Efficient signature generation by smart cards, Journal of Cryptology, vol.4, issue.3, pp.161-174, 1991.

M. Scott, Unbalancing pairing-based key exchange protocols, IACR Cryptology ePrint Archive, p.688, 2013.

Y. Sakai, K. Emura, G. Hanaoka, Y. Kawai, T. Matsuda et al., Group signatures with message-dependent opening, PAIRING 2012 : 5th International Conference on Pairing-based Cryptography, vol.7708, pp.270-294, 2013.

, Secure hash standard. publication fips 180-2, 2002.

, Secure hash standard. publication fips 202, 2014.

V. Shoup, Lower bounds for discrete logarithms and related problems, Advances in Cryptology-EUROCRYPT'97, vol.1233, pp.256-266, 1997.

A. , H. Sánchez, and F. Rodríguez-henríquez, NEON implementation of an attribute-based encryption scheme, ACNS 13 : 11th International Conference on Applied Cryptography and Network Security, vol.7954, pp.322-338, 2013.

M. Tompa and H. Woll, Random self-reducibility and zero knowledge interactive proofs of possession of information, 28th Annual Symposium on Foundations of Computer Science, pp.472-482, 1987.

F. Haibo-tian, K. Zhang, D. E. Ren-;-marten-van-dijk, B. Clarke, G. E. Gassend et al., Secure bilinear pairing outsourcing made more efficient and flexible, Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '15, vol.39, pp.253-273, 2006.

M. Van-dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan, Fully homomorphic encryption over the integers, Advances in Cryptology-EUROCRYPT 2010, vol.6110, pp.24-43, 2010.

F. Vercauteren, Optimal pairings, IEEE Transactions on Information Theory, vol.56, issue.1, pp.455-461, 2010.

. Www-+-14]-yujue, Q. Wang, D. S. Wu, B. Wong, . Qin et al., Securely outsourcing exponentiations with single untrusted program for cloud storage, ESORICS 2014 : 19th European Symposium on Research in Computer Security, Part I, vol.8712, pp.326-343, 2014.

, Hong kong e-payment firm admits selling customer data