Direct Construction of Signcryption Tag-KEM from Standard Assumptions in the Standard Model
The paper presents a direct construction of signcryption tag-KEM under the standard DBDH and CDH assumptions in the standard model, without using strongly unforgeable signature schemes as building blocks. We prove its confidentiality and unforgeability with respect to adversarially-chosen keys where the adversary is given more advantageous attack environment than existing models in the literature. The performance of our construction is comparable to existing signcryption tag-KEM schemes.
KeywordsRandom Oracle Water Signature Security Parameter Direct Construction Signcryption Scheme
Unable to display preview. Download preview PDF.