On the Connection Between Signcryption and One-Pass Key Establishment

  • M. Choudary Gorantla
  • Colin Boyd
  • Juan Manuel González Nieto
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4887)


There is an intuitive connection between signcryption and one-pass key establishment. Although this has been observed previously, up to now there has been no formal analysis of this relationship. The main purpose of this paper is to prove that, with appropriate security notions, one-pass key establishment can be used as a signcryption KEM and vice versa. In order to establish the connection we explore the definitions for signcryption (KEM) and give new and generalised definitions. By making our generic construction concrete we are able to provide new examples of a signcryption KEM and a one-pass key establishment protocol.


Key establishment Signcryption Signcryption KEM 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Zheng, Y.: Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption). In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 165–179. Springer, Heidelberg (1997)Google Scholar
  2. 2.
    Zheng, Y.: Shortened Digital Signature, Signcryption and Compact and Unforgeable Key Agreement Schemes. Technical report, A submission to IEEE P1363 Standard Specifications for Public Key Cryptography (1998), http://grouper.ieee.org/groups/1363/StudyGroup/Hybrid.html
  3. 3.
    An, J., Dodis, Y., Rabin, T.: On the Security of Joint Signature and Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 83–107. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. 4.
    An, J.: Authenticated Encryption in the Public-Key Setting: Security Notions and Analyses. Cryptology ePrint Archive, Report, 2001/079 (2001), http://eprint.iacr.org/2001/079
  5. 5.
    Dodis, Y.: Signcryption (Short Survey). Encyclopedia of Cryptography and Security (2005), http://theory.lcs.mit.edu/~yevgen/surveys.html
  6. 6.
    Dent, A.: Hybrid Signcryption Schemes with Outsider Security. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 203–217. Springer, Heidelberg (2005)Google Scholar
  7. 7.
    Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. Technical report (2002), http://shoup.net/
  8. 8.
    Dent, A.: Hybrid Cryptography. Cryptology ePrint Archive, Report, 2004/210 (2004), http://eprint.iacr.org/2004/210
  9. 9.
    Dent, A.: Hybrid Signcryption Schemes with Insider Security. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 253–266. Springer, Heidelberg (2005)Google Scholar
  10. 10.
    Krawczyk, H., HMQV,: A High-Performance Secure Diffie-Hellman Protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)Google Scholar
  11. 11.
    Baek, J., Steinfeld, R., Zheng, Y.: Formal Proofs for the Security of Signcryption. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Baek, J., Steinfeld, R., Zheng, Y.: Formal Proofs for the Security of Signcryption. Journal of Cryptology 20, 203–235 (2007)MATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Bjørstad, T., Dent, A.: Building Better Signcryption Schemes with Tag-KEMs. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 491–507. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Bellare, M., Canetti, R., Krawczyk, H.: A Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols (Extended Abstract). In: STOC1998. Proc. of the 30th Annual ACM Symposium on Theory of Computing, pp. 419–428 (1998)Google Scholar
  15. 15.
    Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)Google Scholar
  17. 17.
    Tin, Y.S.T., Vasanta, H., Boyd, C., González-Nieto, J.M.: Protocols with Security Proofs for Mobile Applications. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 358–369. Springer, Heidelberg (2004)Google Scholar
  18. 18.
    Yoshida, M., Fujiwara, T.: On the Security of Tag-KEM for Signcryption. Electr. Notes Theor. Comput. Sci. 171, 83–91 (2007)CrossRefGoogle Scholar
  19. 19.
    International Organization for Standardization: ISO/IEC CD 18033-2, Information technology - Security techniques - Encryption Algorithms - Part 2: Asymmetric Ciphers (2003)Google Scholar
  20. 20.
    Okamoto, T., Pointcheval, D.: The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104–118. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • M. Choudary Gorantla
    • 1
  • Colin Boyd
    • 1
  • Juan Manuel González Nieto
    • 1
  1. 1.Information Security Institute, Queensland University of Technology, GPO Box 2434, Brisbane, QLD 4001Australia

Personalised recommendations