Abstract
Quite recently, Luo and Wan putted forward a new certificateless signcryption (CLSC) scheme with low computation cost in the standard model. They stated that their newly proposed scheme achieves the unforgeability against adaptive chosen message attack (i.e, unforgeability) and indistinguishability against adaptive chosen ciphertext attack (i.e., confidentiality). However, we find that the scheme cannot reach the claimed security feature. Specifically, in this paper, we will demonstrate that in Luo and Wan’s CLSC scheme, the plaintext can be easily recovered from the ciphertext by ordinary attacker and malicious-but-passive KGC. In addition, we identify that this scheme even cannot resist forgery attack of a malicious KGC.
Similar content being viewed by others
References
Zheng Y. (1997) Digital signcryption or how to achieve cost(signature & encryption) « cost(signature) + cost(encryption). In B. S. Kaliski (Eds.), Advances in Cryptology—CRYPTO '97. CRYPTO 1997. Lecture Notes in Computer Science, Vol. 1294. Springer: Berlin, Heidelberg.
Hwang, R. J., Lai, C. H., & Su, F. F. (2005). An efficient signcryption scheme with forward secrecy based on elliptic curve. Applied Mathematics and Computation,167(2), 870–881.
Li, C. K., Yang, G. M., Wong, D. S., Deng, X. T., & Chow, S. S. M. (2010). An efficient signcryption scheme with key privacy and its extension to ring signcryption. Journal of Computer Security,18(3), 451–473.
Li, X., Qian, H., Weng, J., & Yu, Y. (2013). Fully secure identity-based signcryption scheme with shorter signcryptext in the standard model. Mathematical and Computer Modelling,57(3–4), 503–511.
Karati, A., Islam, S. K. H., Biswas, G. P., et al. (2018). Provably secure identity-based signcryption scheme for crowdsourced industrial internet of things environments. IEEE Internet of Things Journal,5(4), 2904–2914.
Barbosa, M., & Farshim, P. (2008). Certificateless signcryption. In Proceedings of the 2008 ACM symposium on information, computer and communications security (ASIACCS08) (pp. 369–372). New York: ACM.
Liu, Z., Hu, Y., Zhang, X., et al. (2010). Certificateless signcryption scheme in the standard model. Information Sciences,180(3), 452–464.
Jin, Z., Wen, Q., & Zhang, H. (2010). A supplement to Liu et al.’s certiicateless signcryption scheme in the standard model. Cryptology ePrint Archive, Retrieved from http://eprint.iacr.org/2010/252.pdf. Accessed 3 May 2010.
Xiong, H. (2014). Toward certiicateless signcryption scheme without random oracles. Cryptology ePrint Archive, Retrieved from http://eprint.iacr.org/2014/162.pdf. Accessed 3 March 2014.
Zhou, C. X., Gao, G. Y., & Cui, Z. M. (2017). Certificateless signcryption in the standard model. Wireless Personal Communications,92(2), 495–513.
Luo, M., & Wan, Y. (2018). An enhanced certificateless signcryption in the standard model. Wireless Personal Communications,98(3), 2693–2709.
Acknowledgments
This work was supported by the Education and Research Foundation of Fujian Province of China for young and middle-aged teacher (Grant No. JAT160350).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Yuan, Y. Security Analysis of an Enhanced Certificateless Signcryption in the Standard Model. Wireless Pers Commun 112, 387–394 (2020). https://doi.org/10.1007/s11277-020-07031-9
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-020-07031-9