Signcryption with Non-interactive Non-repudiation
Received: 27 November 2002; Revised: 08 April 2004; Accepted: 30 July 2004
Cite this article as: Malone-Lee, J. Des Codes Crypt (2005) 37: 81. doi:10.1007/s10623-004-3806-6
Abstract
Signcryption is a public key primitive that achieves the functionality of both an encryption scheme and a signature scheme simultaneously. It does this more efficiently than a composition of public key encryption and public key signature.
We present a model of security for signcryption schemes that offer non-interactive non-repudiation. This is non-repudiation in which the judge settling a repudiation dispute does not have to get involved in an interactive zero-knowledge proof. Our model applies to many existing schemes in the literature (Bao and Deng; He and Wu; Petersen and Michels).
We explain why the scheme proposed by Bao and Deng is insecure under any definition of privacy based on the idea of indistinguishable encryptions (Goldwasser and Micali). We describe a modified scheme to overcome the problem. Proofs of security are given for the scheme in the random oracle model (Bellare and Rogaway).
Keywords: Signcryption, non-repudiation, provable security
AMS Classification: 94A60
References
Abdalla, M., Bellare, M., Rogaway, P. (2001). The Oracle Diffie-Hellman assumptions and an analysis of DHIES. In Topics in Cryptology—CT-RSA 2001. Lecture Notes in Computer Science, vol. 2020, pp. 143–158
An, JH., Dodis, Y., Rabin, T. (2002). On the Security of Joint Signature and Encryption. In Advances in Cryptology—EUROCRYPT 2002. Lecture Notes in Computer Science, vol. 2332, pp. 83–107
Baek, J., Steinfeld, R., Zheng, Y. (2002). Formal proofs for the security of signcryption. In Public Key Cryptography—PKC 2002. Lecture Notes in Computer Science, vol. 2274, pp. 80–98
Bao, F., Deng, RH. (1998). A Signcryption scheme with signature directly verifiable by public key. In Public Key Cryptography—PKC ’98. Lecture Notes in Computer Science, vol. 1431, pp. 55–59
Barreto, P.S.L.M., Kim, HY., Lynn, B., Scott, M. (2002). Efficient algorithms for pairing-based cryptosystems. In Advances in Cryptology—CRYPTO 2002. Lecture Notes in Computer Science. Springer-Verlag, pp. 354–368
Bellare, M., Boldyreva, A., Micali, S. (2000). Public-key encryption in a multi-user setting: Security proofs and improvements. In Advances in Cryptology—EUROCRYPT 2002. Lecture Notes in Computer Science, vol. 1807, pp. 259–274
Bellare, M., Desai, A., Jokipii, E., Rogaway, P. (1997). A concrete security treatment of symmetric encryption. In 38th Annual Symposium on Foundations of Computer Science. IEEE Computer Science Press, pp. 394–403
Bellare, M., Desai, A., Pointcheval, D., Rogaway, P. (1998). Relations among notions of security for public-key encryption schemes. In Advances in Cryptology—CRYPTO ’98. Lecture Notes in Computer Science, vol. 1462, pp. 26–45
Bellare, M., Jakobsson, M., Yung, M. (1997). Round-optimal zero-knowledge arguments based on any one-way function. In Advances in Cryptology—EUROCRYPT ’97. Lecture Notes in Computer Science, vol. 1233, pp. 280–305
Bellare, M., Rogaway, P. (1993). Random oracles are practical: a paradigm for designing efficient protocols. In 1st ACM Conference on Computer and Communications Security, pp. 62–73
Bellare, M., Rogaway, P. (1994). Optimal Asymmetric Encryption—How to encrypt with RSA. In Advances in Cryptology—EUROCRYPT ’94. Lecture Notes in Computer Science, vol. 950, pp. 92–111
Boneh, D., Franklin, M. (2001). Identity-based encryption from the Weil pairing. In Advances in Cryptology—CRYPTO 2001. Lecture Notes in Computer Science, vol. 2139, pp. 213–229
Brassard, G., Chaum, D., Crépeau, C. (1988). Minimum disclosure proofs of knowledge. J. Computer Syst. Sci. 37, 156–189
Cha, J.C., Cheon, JH. (2003). An identity-based signature from gap Diffie-Hellman groups. In Public Key Cryptography—PKC 2003. Lecture Notes in Computer Science, vol. 2567, pp. 18–30
Chaum, D., Pedersen, TP. (1993). Wallet databases with observers. In Advances in Cryptology—CRYPTO ’92. Lecture Notes in Computer Science, vol. 740, pp. 89–105
Cramer, R., Shoup, V. (1998). A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In Advances in Cryptology—CRYPTO ’98. Lecture Notes in Computer Science, vol. 1462, pp. 13–25
Cramer, R., Shoup, V. (2003). Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33, 167–226
Galbraith, S., Harrison, K., Soldera, D. (2002). Implementing the Tate pairing. In Algorithmic Number Theory (ANTS V). Lecture Notes in Computer Science, vol. 2369, pp. 324–337
Galbraith, S., Malone-Lee, J., Smart, NP. (2002). Public key signatures in the multi-user setting. Inform. Process. Lett. 83, 263–266
Goldwasser, S., Micali, S. (1984). Probabilistic encryption. J. Computer Syst. Sci. 28, 270–299
Goldwasser, S., Micali, S., Rivest, R. (1998). A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17, 281–308
He, W.H., Wu, TC. (1999). Cryptanalysis and improvement of Petersen–Michels signcryption scheme. IEE Proc.—Computers Digital Techniques 146, 123–124
Hess, F. (2003). Efficient identity based signature schemes based on pairings. In Selected Areas in Cryptography (2002). Lecture Notes in Computer Science, vol. 2595, pp. 310–324
Lee, MK., Kim, D.K., Park, K. (2000). An authenticated encryption scheme with public verifiability. In 4th Korea–Japan Joint Workshop on Algorithms and Computation, pp. 49–56
Menezes, AJ., Okamoto, T., Vanstone, SA. (1993). Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans. Inform. Theory 39, 1639–1646
Ohta, K., Okamoto, T. (1998). On concrete security treatment of signatures derived from identification. In Advances in Cryptology—CRYPTO ’98. Lecture Notes in Computer Science, vol. 1462, pp. 354–369
Paterson, KG. (2002). ID-based signatures from pairings on elliptic curves. Electron. Lett. 38, 1025–1026
Petersen, H., Michels, M. (1998). Cryptanalysis and improvement of signcryption schemes. IEE Proc.—Computers Digital Techniques 145, 149–151
Schnorr, CP. (1990). Efficient identification and signatures for smart cards. In Advances in Cryptology—CRYPTO ’89. Lecture Notes in Computer Science, vol. 435, pp. 235–254
Schnorr, CP. (1991). Efficient signature generation by smart cards. J. Cryptol. 4, 161–174
Smart, NP. (2002). An identity based authenticated key agreement protocol based on the Weil pairing. Electronic Lett. 38, 630–632
Verheul, ER. (2001). Evidence that XTR is more secure than supersingular elliptic curve cryptosystems. In Advances in Cryptology—EUROCRYPT 2001. Lecture Notes in Computer Science, vol. 2045, pp. 195–210
Zheng, Y. (1997). Digital signcryption or how to achieve cost(signature & encryption) << cost(signature) + cost(encryption). In Advances in Cryptology—CRYPTO ’97. Lecture Notes in Computer Science, vol. 1294, pp. 165–179
Copyright information
© Springer Science+Business Media, Inc. 2005