Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography)
نویسنده
چکیده
Identity-Based (IB) cryptography is a rapidly emerging approach to public-key cryptography that does not require principals to pre-compute key pairs and obtain certificates for their public keys— instead, public keys can be arbitrary identifiers such as email addresses, while private keys are derived at any time by a trusted private key generator upon request by the designated principals. Despite the flurry of recent results on IB encryption and signature, some questions regarding the security and efficiency of practicing IB encryption (IBE) and signature (IBS) as a joint IB signature/encryption (IBSE) scheme with a common set of parameters and keys, remain unanswered. We first propose a stringent security model for IBSE schemes. We require the usual strong security properties of: (for confidentiality) indistinguishability against adaptive chosen-ciphertext attacks, and (for nonrepudiation) existential unforgeability against chosen-message insider attacks. In addition, to ensure as strong as possible ciphertext armoring, we also ask (for anonymity) that authorship not be transmitted in the clear, and (for unlinkability) that it remain unverifiable by anyone except (for authentication) by the legitimate recipient alone. We then present an efficient IBSE construction, based on bilinear pairings, that satisfies all these security requirements, and yet is as compact as pairing-based IBE and IBS in isolation. Our scheme is secure, compact, fast and practical, offers detachable signatures, and supports multirecipient encryption with signature sharing for maximum scalability.
منابع مشابه
Multipurpose Identity-Based Sign ryption A Swiss Army Knife for Identity-Based Cryptography
متن کامل
Generalized Hierarchical Identity-Based Signcryption
In this paper, we propose a generic method to construct Hierarchical Identity-Based Signcryption scheme. Using this method, a Hierarchical Identity-Based Signcryption scheme can be converted from any Hierarchical Identity-Based Encryption scheme. Then, we give a concrete instantiation, which is the first constant-size fully secure hierarchical identity-based signcryption scheme in the standard ...
متن کاملCryptanalysis of an Identity Based Signcryption Scheme without Random Oracles
Signcryption is a cryptographic primitive that aims at providing confidentiality and the sender’s identity authentication in a logic step, at lower computational costs and communication overheads than sign-then-encrypt way. Recently, Yu et al.[1] proposed a new identity based signcryption scheme in standard model. However, in this paper, we show that the scheme still has some security weaknesse...
متن کاملIdentity based signcryption scheme without random oracles
Signcryption is a cryptographic primitive which performs encryption and signature in a single logical step with the cost lower than signature-then-encryption approach.. In this paper we gave attacks on confidentiality and unforgeability of two identity based signcryption schemes without random oracles. Further we proposed an improved identity based signcryption scheme without random oracles. We...
متن کاملAn Effective Model for Signcryption using Attribute based Encryption
Secret and secure delivery of message is most important issue in field of security hence signcryption were used. The term signcryption is referred as a technique of encrypting the data with the use of signatures in area of public key cryptography. A signcryption technique is a combination of digital signature which is used for authentication and public key cryptography which is used for securin...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2003