Improvements and generalisations of signcryption schemes

In this work, we study the cryptographic primitive: signcryption, which combines the functionalities of digital signatures and public-key encryption. We first propose two generic transforms from meta-ElGamal signature schemes to signcryption schemes. These constructions can be thought of as generalisations of the signcryption schemes by Zheng and Gamage et al. Our results show that a large class of signcryption schemes are outsider IND-CCA2 secure and insider UF-CMA secure. As a by-product, we also show that the meta-ElGamal signature schemes, for which no previous formal security proofs have been shown, are UF-CMA secure. We then propose a modification of one of the transforms in order to achieve insider IND-CCA2 security in addition to insider UF-CMA security. This modification costs just one extra exponential operation. In particular, we can apply this modification to the Zheng signcryption scheme to make it fully insider secure. Finally, we propose a generic transform from a two-key signcryption scheme to a one-key signcryption scheme while preserving both confidentiality and unforgeability. Our result shows that if we have an insider IND-CCA2 and UFCMA secure two-key signcryption scheme, then it can be turned into an insider IND-CCA2 and UF-CMA secure one-key signcryption scheme. We also show that an insider IND-CCA2 and UF-CMA secure one-key signcryption scheme induces a secure combined public-key scheme; that is, a combination of a signature scheme and a public-key encryption scheme that can securely share the same key pair. Combining previous results suggests that we can obtain a large class of insider secure one-key signcryption schemes from meta-ElGamal signature schemes, and that each of them can induce a secure combined publickey scheme.