Cryptanalysis of a certificateless signcryption scheme in the standard model

Certificateless signcryption is a useful primitive which simultaneously provides the functionalities of certificateless encryption and certificateless signature. Recently, Liu et al. [15] proposed a new certificateless signcryption scheme, and claimed that their scheme is provably secure without random oracles in a strengthened security model, where the malicious-but-passive KGC attack is considered. Unfortunately, by giving concrete attacks, we indicate that Liu et al. certificateless signcryption scheme is not secure in this strengthened security model.

[1]  Jean-Jacques Quisquater,et al.  On Constructing Certificateless Cryptosystems from Identity Based Encryption , 2006, Public Key Cryptography.

[2]  Xiaotie Deng,et al.  Certificateless signature: a new security model and an improved generic construction , 2007, Des. Codes Cryptogr..

[3]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[4]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[5]  Qiong Huang,et al.  Generic Certificateless Encryption in the Standard Model , 2007, IWSEC.

[6]  Volker Roth,et al.  General Certificateless Encryption and Timed-Release Encryption , 2008, IACR Cryptol. ePrint Arch..

[7]  Yupu Hu,et al.  Certificateless signcryption scheme in the standard model , 2010, Inf. Sci..

[8]  Manuel Barbosa,et al.  Certificateless signcryption , 2008, ASIACCS '08.

[9]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[10]  Kenneth G. Paterson,et al.  Certificateless Encryption Schemes Strongly Secure in the Standard Model , 2008, Public Key Cryptography.

[11]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[12]  Yi Mu,et al.  Certificateless Threshold Ring Signature , 2009, Inf. Sci..

[13]  Yi Mu,et al.  Malicious KGC attacks in certificateless cryptography , 2007, ASIACCS '07.

[14]  Joonsang Baek,et al.  Certificateless Public Key Encryption Without Pairing , 2005, ISC.

[15]  Yi Mu,et al.  On the Security of Certificateless Signature Schemes from Asiacrypt 2003 , 2005, CANS.

[16]  Kyung-Ah Shim,et al.  Breaking the short certificateless signature scheme , 2009, Inf. Sci..

[17]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[18]  Pil Joong Lee,et al.  Generic Construction of Certificateless Signature , 2004, ACISP.