On the Security of Signcryption Scheme with Key Privacy

Tan, Chik-How

doi:10.1093/ietfec/e88-a.4.1093

Cited by 19 publications

(6 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They proved that their signcryption scheme was insider-secure against adaptive chosen ciphertext attacks in the random oracle model. In 2005, Tan [25] disproved their claimed and showed that their signcryption scheme is in fact not insider-secure against adaptive chosen ciphertext attack under their defined attacks games. In 2005, Yang et al [29] also independently showed that the signcryption scheme [20] was not insider-secure against adaptive chosen ciphertext attacks and further improved the signcryption scheme.…”

Section: Related Workmentioning

confidence: 99%

Insider-secure Hybrid Signcryption SchemeWithout Random Oracles

Tan

2007

The Second International Conference on Availability, Reliability and Security (ARES'07)

View full text Add to dashboard Cite

Confidentiality and authenticity are two important security requirements in most secure systems. To efficiently provide data privacy (confidentiality) and (data/user) authenticity simultaneously, the notion of signcryption scheme was first introduced by Zheng in 1997. The security model for signcryption scheme was proposed by Baek et al. and An et al. in 2002 independently. Since then, many signcryption schemes were proposed; they are either a public-key signcryption or a hybrid signcryption. But, only few proposed signcryption schemes were supposed to be in the insider security, for example, Libert-Quisquater's signcryption schemes at PKC'2004 and SCN'2004 respectively and Yang-Wong-Deng's signcryption scheme at ISC'2005. Although all the above mentioned signcryption schemes were proved insider-secure against adaptive chosen ciphertext attack in the random oracle models, Tan showed that all the above mentioned signcryption schemes were not insidersecure against adaptive chosen ciphertext attack in 2005 and 2006 respectively. Up to our knowledge, it seems that none of insider-secure hybrid signcryption scheme is constructed without random oracles. In this paper, we proposed a hybrid signcryption scheme and showed that the proposed scheme is insider-secure without random oracles.2 It is noted that Dent's signcryption scheme is not "fully" insider-Second International Conference on Availability, Reliability and Security (ARES'07) 0-7695-2775-2/07 $20.00 © 2007 Pr[ Hk(y) = Hk(x) and y = x : given x ∈ {0, 1}l, choosek ∈K; y ← A(Hk) ] ≥ tcr . Definition 3 (Key Derivation Function). Let KDF : K → K 1 × K 2 be a key derivation function from a key space K to key spaces K 1 ×K 2 . We say that a key derivative function is ( kdf , t)-secure if no t-polynomial time algorithm A, which Second International Conference on Availability, Reliability and Security (ARES'07) 0-7695-2775-2/07 $20.00

show abstract

Section: Related Workmentioning

confidence: 99%

Insider-secure Hybrid Signcryption SchemeWithout Random Oracles

Tan

2007

The Second International Conference on Availability, Reliability and Security (ARES'07)

View full text Add to dashboard Cite

show abstract

“…However, [21] and [23] independently demonstrated that it is neither semantically secure nor anonymous under chosen plaintext attack. In [23], Yang, Wong and Deng also proposed an improvement (hereinafter referred as the YWD scheme) based on [14].…”

Section: Introductionmentioning

confidence: 99%

An efficient signcryption scheme with key privacy and its extension to ring signcryption*

Yang

Wong

et al. 2010

JCS

View full text Add to dashboard Cite

In Information Processing Letters (2006), Tan pointed out that the anonymous signcryption scheme proposed by Yang, Wong and Deng (YWD) in ISC 2005 provides neither confidentiality nor anonymity. However, no discussion has been made on how a secure scheme can be made and there is no secure scheme available to date. In this paper, we propose a modification of YWD scheme which resolves the security issues of the original scheme without sacrificing its high efficiency and simple design. Indeed, we show that our scheme achieves confidentiality, existential unforgeability and anonymity with more precise reduction bounds. We also give a variation of our scheme and extend it to a ring signcryption scheme by using the technique due to Boneh, Gentry, Lynn and Shacham.

show abstract

“…They proved that their signcryption scheme was secure in the random oracle model with the following properties: semantically security against adaptive chosen ciphertext attacks, ciphertext anonymity and key invisibility. Unfortunately, Tan showed that the scheme did not satisfy the above properties in [5]. Up to now, the most efficient IDbased signcryption scheme [9] was proposed by Barreto et al and the security of the scheme was based on recently studied computational assumptions: the q-Bilinear Diffie-Hellman Inversion problem.…”

Section: Introductionmentioning

confidence: 99%