A Signcryption Scheme Based on Integer Factorization

  • Ron Steinfeld
  • Yuliang Zheng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1975)


Signcryption is a public-key cryptographic primitive introduced by Zheng, which achieves both message confidentiality and nonrepudiatable origin authenticity, at a lower computational and communication overhead cost than the conventional ‘sign-then-encrypt’ approach. We propose a new signcryption scheme which gives a partial solution to an open problem posed by Zheng, namely to find a signcryption scheme based on the integer factorization problem. In particular, we prove that our scheme is existentially unforgeable, in the random oracle model, subject to the assumption that factoring an RSA modulus N = pq (with p and q prime) is hard even when given the additional pair (g; S), where gℤ* N is an asymmetric basis of large order less than a bound S/2 ≪ √N.


Random Oracle Model Modular Reduction Trust Authority Security Notion Signcryption Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    M. Bellare, A. Boldyreva, and S. Micali. Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements. In EUROCRYPT 2000, volume 1807 of LNCS, pages 259–274, Berlin, 2000. Springer-Verlag.CrossRefGoogle Scholar
  2. 2.
    D. Boneh and M. Franklin. Efficient Generation of Shared RSA Keys. In CRYPTO’97, volume 1294 of LNCS, pages 425–439, Berlin, 1997. Springer-Verlag.Google Scholar
  3. 3.
    S. Cavallar et al. Factorization of a 512-Bit RSA Modulus. In EUROCRYPT 2000, volume 1807 of LNCS, pages 1–18, Berlin, 2000. Springer-Verlag.CrossRefGoogle Scholar
  4. 4.
    U. Feige and A. Shamir. Witness Indistinguishable and Witness Hiding Protocols. In Proc. 22-nd STOC, pages 416–426. ACM, 1990.Google Scholar
  5. 5.
    FIPS 186-2, Digital Signature Standard. Federal Information Processing Standards Publication 186-2, 2000. Available from
  6. 6.
    M. Girault. Self-Certified Public Keys. In EUROCRYPT’ 91, volume 547 of LNCS, pages 490–497, Berlin, 1992. Springer-Verlag.Google Scholar
  7. 7.
    S. Goldwasser, S. Micali, and R. Rivest. A Digital Signature Scheme Secure against Adaptively Chosen Message Attacks. SIAM Journal on Computing, 17(2):281–308, 1988.zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    A. Lenstra and E. Verheul. Selecting Cryptographic Key Sizes. In PKC2000, volume 1751 of LNCS, pages 446–465, Berlin, 2000. Springer-Verlag.Google Scholar
  9. 9.
    D. Pointcheval. The Composite Discrete Logarithm and Secure Authentication. In PKC2000, volume 1751 of LNCS, pages 113–128, Berlin, 2000. Springer-Verlag.Google Scholar
  10. 10.
    D. Pointcheval and J. Stern. Security Arguments for Digital Signatures and Blind Signatures. J. of Cryptology, 1999. Available from∼pointche.
  11. 11.
    G. Poupard and J. Stern. Security Analysis of a Practical “on the fly” Authentication and Signature Generation. In EUROCRYPT’98, volume 1403 of LNCS, pages 422–436, Berlin, 1998. Springer-Verlag.Google Scholar
  12. 12.
    G. Poupard and J. Stern. Short Proofs of Knowledge for Factoring. In PKC 2000, volume 1751 of LNCS, pages 147–166, Berlin, 2000. Springer-Verlag.Google Scholar
  13. 13.
    C. P. Schnorr. Effficient Identification and Signatures for Smart Cards. In CRYPTO’89, volume 435 of LNCS, pages 239–251, Berlin, 1990. Springer-Verlag.Google Scholar
  14. 14.
    SEC2. Recommended Elliptic Curve Domain Parameters, September 2000. Standards for Efficient Cryptography Group. Available from
  15. 15.
    Y. Zheng. Digital Signcryption or How to Achieve Cost(Signature & Encryption) ‘<‘< Cost(Signature) + Cost(Encryption). In CRYPTO’97, volume 1294 of LNCS, pages 165–179, Berlin, 1997. Springer-Verlag.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Ron Steinfeld
    • 1
  • Yuliang Zheng
    • 1
  1. 1.Laboratory for Information and Network SecuritySchool of Network Computing,Monash UniversityFrankstonAustralia

Personalised recommendations