On the security of some Multi-PKG/multi-recipient signcryption schemes

Signcryption is an asymmetric cryptographic method that provides simultaneously both message confidentiality and unforgeability at a low computational and communication overhead. Indistinguishability and unforgeability are two primitive properties of a secure signcryption. Recently, to satisfy the security requirements of Ad hoc networks, Li et.al proposed two Multi-PKG ID-based signcryption schemes in ANCS2007 and Inscrypt2008, respectively. To satisfy the security requirements of multi-user setting, Li et.al also proposed a multi-recipient signcryption scheme . In this work, we analyze the security of three signcryption schemes and show that the two Multi-PKG ID-based signcryption schemes are insecure against chosen ciphertext attacks and the multi-recipient signcryption scheme is insecure against chosen message attacks. And we discuss the reason of producing such attacks and the corresponding revised methods for each scheme.