On the security of a certificateless signcryption scheme

Author

Yueying Huang ; Jingang Zhang ; Houyan Chen

Author_Institution

Basic Educ. Sch., Zhanjiang Normal Univ., Zhan Jiang, China

fYear

2014

fDate

8-9 May 2014

Firstpage

664

Lastpage

667

Abstract

Signcryption is a cryptographic primitive that simultaneously realizes both the functions of public key encryption and digital signature in a logically single step, and with a cost significantly lower than that required by the traditional “signature and encryption” approach. Recently, an efficient certificateless signcryption scheme without using bilinear pairings was proposed by Zhu et al., which is claimed secure based on the assumptions that the compute Diffie-Hellman problem and the discrete logarithm problem are difficult. Although some security arguments were provided to show the scheme is secure, in this paper, we find that the signcryption construction due to Zhu et al. is not as secure as claimed. Specifically, we describe an adversary that can break the IND-CCA2 security of the scheme without any Unsigncryption query. Moreover, we demonstrate that the scheme is insecure against key replacement attack by describing a concrete attack approach.

Keywords

digital signatures; group theory; public key cryptography; Diffie-Hellman problem; IND-CCA2 security; certificateless signcryption scheme; concrete attack approach; cryptographic primitive; digital signature; discrete logarithm problem; key replacement attack; public key encryption; Computers; Encryption; Games; Public key; Receivers; Cryptography; Digital Signcryption; Key replacement attack; Security analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

Electronics, Computer and Applications, 2014 IEEE Workshop on

Conference_Location

Ottawa, ON

Type

conf

DOI

10.1109/IWECA.2014.6845707

Filename

6845707