A signcryption scheme with signature directly verifiable by public key
Signcryption, first proposed by Zheng [4, 5], is a cryptographic primitive which combines both the functions of digital signature and public key encryption in a logical single step, and with a computational cost siginficantly lower than that needed by the traditional signature-then-encryption approach. In Zheng's scheme, the signature verification can be done either by the recipient directly (using his private key) or by engaging a zero-knowledge interative protocol with a third party, without disclosing recipient's private key. In this note, we modify Zheng's scheme so that the recipient's private key is no longer needed in signature verification. The computational cost of the modified scheme is higher than that of Zheng's scheme but lower than that of the signature-then-encryption approach.
KeywordsSignature Scheme Signature Verification Signcryption Scheme Brute Force Attack Exponential Computation
Unable to display preview. Download preview PDF.
- 2.H. Petersen and M. Michels, “Cryptanalysis and improvement of signcryption schemes”, to appear in IEE Computers and Digital Techniques, 1998.Google Scholar
- 3.C. P. Schnorr, “Efficient identification and signature for smart cards”, Advances in Cryptology — CRYPTO'89, LNCS 435, Springer-Verlag, pp. 239–251.Google Scholar
- 4.Y. Zheng, “Digital signcryption or how to achieve cost (signature and encryption) ¡¡ cost(signature) + cost(encryption)”, In Advances in Cryptology — CRYPTO'97, LNCS 1294, Springer-Verlag, pp. 165–179, 1997.Google Scholar
- 5.Y. Zheng, “Signcryption and its application in efficient public key solutions”, Pre-Proceedings of Information Security Workshop(ISW'97), pp. 201–218, to be published in LNCS by Springer-Verlag.Google Scholar