Analysis of Certificateless Signcryption Schemes and Construction of a Secure and Efficient Pairing-free one based on ECC

  • Cao, Liling (Department of Engineering Science and Technology, Shanghai Ocean University)
  • Ge, Wancheng (Department of Electronic and Information Engineering, Tongji University)
  • Received : 2016.05.07
  • Accepted : 2018.04.06
  • Published : 2018.09.30

Abstract

Signcryption is a cryptographic primitive that provides authentication (signing) and confidentiality (encrypting) simultaneously at a lower computational cost and communication overhead. Since certificateless public key cryptography (CLPKC) was proposed, certificateless signcryption (CLSC) schemes have gradually become a research hotspot and attracted extensive attention. However, many previous CLSC schemes are built on time-consuming pairing operations, which are impractical for mobile devices with limited computation ability and battery capacity. Although researchers have proposed pairing-free CLSC schemes to address efficiency, many of them are in fact still insecure. The challenge is therefore to balance efficiency and security in CLSC schemes. In this paper, several existing CLSC schemes are cryptanalyzed and a new pairing-free CLSC scheme based on the elliptic curve cryptosystem (ECC) is presented. The proposed CLSC scheme is provably secure, achieving indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen-message attack (EUF-CMA), resting on the Gap Diffie-Hellman (GDH) assumption and the discrete logarithm problem in the random oracle model. Furthermore, the proposed scheme resists the ephemeral secret leakage (ESL) attack, the public key replacement (PKR) attack, and the malicious but passive KGC (MPK) attack, and is computationally efficient compared with the existing related CLSC schemes.

Cited by

  1. The alternative Method to Finish Modular Exponentiation and Point Multiplication Processes vol.15, pp.7, 2018, https://doi.org/10.3837/tiis.2021.07.017
  2. A Pairing‐Free Certificateless Signcryption Scheme for Vehicular Ad Hoc Networks vol.30, pp.5, 2018, https://doi.org/10.1049/cje.2021.07.006
  3. An Anonymous Certificateless Signcryption Scheme for Secure and Efficient Deployment of Internet of Vehicles vol.13, pp.19, 2018, https://doi.org/10.3390/su131910891