TY - JOUR
T1 - Secure identity-based signcryption in the standard model
AU - Li, Fagen
AU - Takagi, Tsuyoshi
N1 - Funding Information:
We would like to thank the anonymous reviewers for their valuable comments and suggestions. This work is supported by the National Natural Science Foundation of China (Grant Nos. 60803133, 60873233, 61073176, 61003230 and 61003232), the State Key Laboratory of Information Security, and the Fundamental Research Funds for the Central Universities.
PY - 2013/6
Y1 - 2013/6
N2 - Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has been shown to be useful in many applications, such as electronic commerce, mobile communications and smart cards. In 2009, Yu et al. [12] proposed an identity-based signcryption (IBSC) scheme in the standard model. In 2010, Zhang [17] pointed out that Yu et al.'s scheme does not have the indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and proposed an improved IBSC scheme. He proved that the improved scheme has the IND-CCA2 property and existential unforgeability against adaptive chosen message attacks (EUF-CMA). However, in this paper, an attack is proposed to show that Zhang's scheme does not have the IND-CCA2 property (not even chosen plaintext attacks (IND-CPA)). We present a fully secure IBSC scheme in the standard model. We prove that our scheme has the IND-CCA2 property under the decisional bilinear Diffie-Hellman assumption and has the EUF-CMA property under the computational Diffie-Hellman assumption.
AB - Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has been shown to be useful in many applications, such as electronic commerce, mobile communications and smart cards. In 2009, Yu et al. [12] proposed an identity-based signcryption (IBSC) scheme in the standard model. In 2010, Zhang [17] pointed out that Yu et al.'s scheme does not have the indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and proposed an improved IBSC scheme. He proved that the improved scheme has the IND-CCA2 property and existential unforgeability against adaptive chosen message attacks (EUF-CMA). However, in this paper, an attack is proposed to show that Zhang's scheme does not have the IND-CCA2 property (not even chosen plaintext attacks (IND-CPA)). We present a fully secure IBSC scheme in the standard model. We prove that our scheme has the IND-CCA2 property under the decisional bilinear Diffie-Hellman assumption and has the EUF-CMA property under the computational Diffie-Hellman assumption.
UR - http://www.scopus.com/inward/record.url?scp=84892508211&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84892508211&partnerID=8YFLogxK
U2 - 10.1016/j.mcm.2011.06.043
DO - 10.1016/j.mcm.2011.06.043
M3 - Article
AN - SCOPUS:84892508211
VL - 57
SP - 2685
EP - 2694
JO - Mathematical and Computer Modelling
JF - Mathematical and Computer Modelling
SN - 0895-7177
IS - 11-12
ER -