Cryptanalysis of an Authentication Scheme Using an Identity Based Generalized Signcryption

Secure data transmission is a challenging issue in modern data communication. ID based generalized signcryption is a cost effective security primitive which provides authentication or confidentiality, or jointly confidentiality and authentication. Wei’s proposed an ID based generalized signcryption scheme for authentication and confidentiality of big data in a standard model, claiming that their scheme holds the security of indistinguishability against adaptive chosen-ciphertext attacks and existential unforgeability against adaptive chosen message attacks. In this paper, we analyzed Wei’s scheme by launching security attacks on the scheme to check its validity. As a result, it became clear and proved that the master secret key generated in the scheme is compromisable. Similarly, the mentioned scheme does not hold the security of indistinguishability against adaptive chosen-ciphertext attacks and existential unforgeability against adaptive chosen message attacks. Consequently, Wei’s schemes is prone to attacks and is insecure.

[1]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[2]  Caixue Zhou,et al.  Provable certificateless generalized signcryption scheme , 2014, Des. Codes Cryptogr..

[3]  C. Pandu Rangan,et al.  Identity Based Public Verifiable Signcryption Scheme , 2010, ProvSec.

[4]  Gang Yu,et al.  Provable secure identity based generalized signcryption scheme , 2010, Theor. Comput. Sci..

[5]  Pil Joong Lee,et al.  Identity-Based Signcryption from Identity-Based Cryptography , 2011, WISA.

[6]  Siu-Ming Yiu,et al.  Efficient Forward and Provably Secure ID-Based Signcryption Scheme with Public Verifiability and Public Ciphertext Authenticity , 2003, ICISC.

[7]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[8]  Sunder Lal,et al.  An efficient identity based generalized signcryption scheme , 2011, Theor. Comput. Sci..

[9]  Abdul Waheed,et al.  Improved Cryptanalysis of Provable Certificateless Generalized Signcryption , 2019, International Journal of Advanced Computer Science and Applications.

[10]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[11]  Xiaoyuan Yang,et al.  ECGSC: Elliptic Curve Based Generalized Signcryption , 2006, UIC.

[12]  Yong Yu,et al.  Identity based signcryption scheme without random oracles , 2009, Comput. Stand. Interfaces.

[13]  Yang Ming,et al.  Identity Based Generalized Signcryption Scheme in the Standard Model , 2017, Entropy.

[14]  Fahad Bin Muhaya,et al.  Efficient Identity-Based Signcryption in the Standard Model , 2011, ProvSec.

[15]  Rongxing Lu,et al.  Obtain confidentiality or/and authenticity in Big Data by ID-based generalized signcryption , 2015, Inf. Sci..

[16]  Xu An Wang,et al.  Provable Secure Generalized Signcryption , 2007, IACR Cryptol. ePrint Arch..

[17]  Jean-Jacques Quisquater,et al.  A new identity based signcryption scheme from pairings , 2003, Proceedings 2003 IEEE Information Theory Workshop (Cat. No.03EX674).

[18]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[19]  Liqun Chen,et al.  Improved Identity-Based Signcryption , 2005, Public Key Cryptography.

[20]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[21]  Sunder Lal,et al.  ID based generalized signcryption , 2008, IACR Cryptol. ePrint Arch..

[22]  Qiaoyan Wen,et al.  An improved semantically-secure identity-based signcryption scheme in the standard model , 2010, Comput. Electr. Eng..