Constructing Practical Signcryption KEM from Standard Assumptions without Random Oracles

  • Xiangxue Li
  • Haifeng Qian
  • Yu Yu
  • Yuan Zhou
  • Jian Weng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7954)

Abstract

We present a direct construction of a signcryption Key Encapsulation Mechanism (KEM) without random oracles under standard complexity assumptions. Chosen-ciphertext security is proven in the standard model under the Decisional Bilinear Diffie-Hellman (DBDH) assumption, and unforgeability is proven in the standard model under the Computational Diffie-Hellman (CDH) assumption. The proof technique allows us to achieve strong unforgeability from the weakly unforgeable Waters signature. The validity of a ciphertext of our signcryption KEM can be verified publicly, that is, without knowledge of the decryption key.

Keywords

Signcryption KEM, Standard Model, Standard Assumption

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Xiangxue Li (1, 2)
  • Haifeng Qian (1)
  • Yu Yu (3)
  • Yuan Zhou (4)
  • Jian Weng (5)
  1. Department of Computer Science and Technology, East China Normal University, China
  2. State Key Laboratory of Integrated Services Networks, Xidian University, China
  3. Institute for Interdisciplinary Information Sciences, Tsinghua University, China
  4. Network Emergency Response Technical Team / Coordination Center, China
  5. Department of Computer Science, Jinan University, China