Quite recently, Luo and Wan putted forward a new certificateless signcryption (CLSC) scheme with low computation cost in the standard model. They stated that their newly proposed scheme achieves the unforgeability against adaptive chosen message attack (i.e, unforgeability) and indistinguishability against adaptive chosen ciphertext attack (i.e., confidentiality). However, we find that the scheme cannot reach the claimed security feature. Specifically, in this paper, we will demonstrate that in Luo and Wan’s CLSC scheme, the plaintext can be easily recovered from the ciphertext by ordinary attacker and malicious-but-passive KGC. In addition, we identify that this scheme even cannot resist forgery attack of a malicious KGC.
This is a preview of subscription content, log in to check access.
Buy single article
Instant unlimited access to the full article PDF.
Price includes VAT for USA
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
This is the net price. Taxes to be calculated in checkout.
Zheng Y. (1997) Digital signcryption or how to achieve cost(signature & encryption) « cost(signature) + cost(encryption). In B. S. Kaliski (Eds.), Advances in Cryptology—CRYPTO '97. CRYPTO 1997. Lecture Notes in Computer Science, Vol. 1294. Springer: Berlin, Heidelberg.
Hwang, R. J., Lai, C. H., & Su, F. F. (2005). An efficient signcryption scheme with forward secrecy based on elliptic curve. Applied Mathematics and Computation,167(2), 870–881.
Li, C. K., Yang, G. M., Wong, D. S., Deng, X. T., & Chow, S. S. M. (2010). An efficient signcryption scheme with key privacy and its extension to ring signcryption. Journal of Computer Security,18(3), 451–473.
Li, X., Qian, H., Weng, J., & Yu, Y. (2013). Fully secure identity-based signcryption scheme with shorter signcryptext in the standard model. Mathematical and Computer Modelling,57(3–4), 503–511.
Karati, A., Islam, S. K. H., Biswas, G. P., et al. (2018). Provably secure identity-based signcryption scheme for crowdsourced industrial internet of things environments. IEEE Internet of Things Journal,5(4), 2904–2914.
Barbosa, M., & Farshim, P. (2008). Certificateless signcryption. In Proceedings of the 2008 ACM symposium on information, computer and communications security (ASIACCS08) (pp. 369–372). New York: ACM.
Liu, Z., Hu, Y., Zhang, X., et al. (2010). Certificateless signcryption scheme in the standard model. Information Sciences,180(3), 452–464.
Jin, Z., Wen, Q., & Zhang, H. (2010). A supplement to Liu et al.’s certiicateless signcryption scheme in the standard model. Cryptology ePrint Archive, Retrieved from http://eprint.iacr.org/2010/252.pdf. Accessed 3 May 2010.
Xiong, H. (2014). Toward certiicateless signcryption scheme without random oracles. Cryptology ePrint Archive, Retrieved from http://eprint.iacr.org/2014/162.pdf. Accessed 3 March 2014.
Zhou, C. X., Gao, G. Y., & Cui, Z. M. (2017). Certificateless signcryption in the standard model. Wireless Personal Communications,92(2), 495–513.
Luo, M., & Wan, Y. (2018). An enhanced certificateless signcryption in the standard model. Wireless Personal Communications,98(3), 2693–2709.
This work was supported by the Education and Research Foundation of Fujian Province of China for young and middle-aged teacher (Grant No. JAT160350).
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Yuan, Y. Security Analysis of an Enhanced Certificateless Signcryption in the Standard Model. Wireless Pers Commun (2020). https://doi.org/10.1007/s11277-020-07031-9
- Certificateless cryptography
- Message unforgeability
- Message confidentiality
- Standard model