Efficient Constructions of Signcryption Schemes and Signcryption Composability

In this paper, we investigate simple but efficient constructions of signcryption schemes. Firstly, we show how symmetric primitives can be used to efficiently achieve outsider multi-user security, leading to a signcryption scheme with the currently lowest ciphertext and computational overhead. For the mixed security notions outsider confidentiality/insider unforgeability and insider confidentiality/outsider unforgeability, this approach yields lower ciphertext overhead and a higher level of security, respectively, compared to the current schemes. Secondly, we show a simple optimization to the well known "sign-then-encrypt" and "encrypt-then-sign" approaches to the construction of signcryption schemes by using tag-based encryption. Instantiations with our proposed tag-based schemes yield multi-user insider secure signcryption schemes in the random oracle model which is at least as efficient as any other existing scheme both in terms of ciphertext overhead and computational cost. Furthermore, we show that very efficient standard model signcryption schemes can be constructed using this technique as well. Lastly, we show how signatures and encryption can be combined in a non-black-box manner to achieve higher efficiency than schemes based on the above approach. We refer to signature and encryption schemes which can be combined in this way as signcryption composable, and we show that a number of the most efficient standard model encryption and signature schemes satisfy this, leading to the most efficient standard model signcryption schemes. Since all of our constructions are fairly simple and efficient, they provide a benchmark which can be used to evaluate future signcryption schemes.

[1]  Hideki Imai,et al.  Chosen Ciphertext Secure Public Key Encryption with a Simple Structure , 2008, IWSEC.

[2]  Eike Kiltz,et al.  Chosen-Ciphertext Secure Key-Encapsulation Based on Gap Hashed Diffie-Hellman , 2007, Public Key Cryptography.

[3]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[4]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.

[5]  Michael K. Reiter,et al.  Alternatives to Non-malleability: Definitions, Constructions, and Applications (Extended Abstract) , 2004, TCC.

[6]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[7]  Chik How Tan Security Analysis of Signcryption Scheme from q-Diffie-Hellman Problems , 2006, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[8]  Rosario Gennaro,et al.  Securing Threshold Cryptosystems against Chosen Ciphertext Attack , 1998, EUROCRYPT.

[9]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[10]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[11]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[12]  Chik How Tan On the Security of Signcryption Scheme with Key Privacy , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[13]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[14]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[15]  Joonsang Baek,et al.  Formal Proofs for the Security of Signcryption , 2002, Journal of Cryptology.

[16]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[17]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[18]  Eike Kiltz,et al.  Secure Hybrid Encryption from Weakened Key Encapsulation , 2007, CRYPTO.

[19]  Xiaotie Deng,et al.  An Efficient Signcryption Scheme with Key Privacy , 2007, EuroPKI.

[20]  Alexander W. Dent,et al.  Hybrid Signcryption Schemes with Insider Security , 2005, ACISP.

[21]  Chanathip Namprempre,et al.  Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm , 2000, Journal of Cryptology.

[22]  Chae Hoon Lim,et al.  Information Security and Cryptology — ICISC 2002 , 2003, Lecture Notes in Computer Science.

[23]  Brent Waters,et al.  Strongly Unforgeable Signatures Based on Computational Diffie-Hellman , 2006, Public Key Cryptography.

[24]  D. Boneh,et al.  Short Signatures from the Weil Pairing , 2001, Journal of Cryptology.

[25]  Qixiang Mei,et al.  Direct chosen ciphertext security from identity-based techniques , 2005, CCS '05.

[26]  Chik How Tan,et al.  Signcryption Scheme in Multi-user Setting without Random Oracles , 2008, IWSEC.

[27]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[28]  Jean-Jacques Quisquater,et al.  Efficient Signcryption with Key Privacy from Gap Diffie-Hellman Groups , 2004, Public Key Cryptography.

[29]  David Cash,et al.  The Twin Diffie-Hellman Problem and Applications , 2008, EUROCRYPT.

[30]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[31]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[32]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[33]  Alexander W. Dent,et al.  Building Better Signcryption Schemes with Tag-KEMs , 2006, Public Key Cryptography.

[34]  Josef Pieprzyk,et al.  Advances in Cryptology - ASIACRYPT 2008, 14th International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, Australia, December 7-11, 2008. Proceedings , 2008, ASIACRYPT.

[35]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[36]  Chik How Tan Insider-secure Signcryption KEM/Tag-KEM Schemes without Random Oracles , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[37]  Ronald Cramer,et al.  Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack , 2003, SIAM J. Comput..

[38]  Kaoru Kurosawa,et al.  Efficient Chosen Ciphertext Secure Public Key Encryption under the Computational Diffie-Hellman Assumption , 2008, IACR Cryptol. ePrint Arch..

[39]  Hugo Krawczyk,et al.  HMQV: A High-Performance Secure Diffie-Hellman Protocol , 2005, CRYPTO.

[40]  Chik How Tan Insider-secure Hybrid Signcryption SchemeWithout Random Oracles , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[41]  Eike Kiltz,et al.  Chosen-Ciphertext Security from Tag-Based Encryption , 2006, TCC.

[42]  Colin Boyd,et al.  On the Connection Between Signcryption and One-Pass Key Establishment , 2007, IMACC.

[43]  Xiaotie Deng,et al.  Analysis and Improvement of a Signcryption Scheme with Key Privacy , 2005, ISC.

[44]  Kaoru Kurosawa,et al.  Tag-KEM/DEM: A New Framework for Hybrid Encryption and A New Analysis of Kurosawa-Desmedt KEM , 2005, EUROCRYPT.

[45]  Aggelos Kiayias,et al.  Public Key Cryptography - PKC 2006 , 2006, Lecture Notes in Computer Science.

[46]  Changshe Ma,et al.  Efficient Short Signcryption Scheme with Public Verifiability , 2006, Inscrypt.

[47]  Chik How Tan Analysis of improved signcryption scheme with key privacy , 2006, Inf. Process. Lett..

[48]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[49]  Tatsuaki Okamoto,et al.  Advances in Cryptology — ASIACRYPT 2000 , 2000, Lecture Notes in Computer Science.

[50]  Mihir Bellare,et al.  The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES , 2001, CT-RSA.

[51]  Dong Hoon Lee,et al.  Provably Secure Encrypt-then-Sign Composition in Hybrid Signcryption , 2002, ICISC.

[52]  Jean-Jacques Quisquater,et al.  Improved Signcryption from q-Diffie-Hellman Problems , 2004, SCN.

[53]  Nigel P. Smart,et al.  Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings , 2008, EUROCRYPT.

[54]  Joonsang Baek,et al.  Constructing Strong KEM from Weak KEM (or How to Revive the KEM/DEM Framework) , 2008, SCN.

[55]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[56]  Victor Shoup,et al.  Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[57]  Chik How Tan Forgery of Provable Secure Short Signcryption Scheme , 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[58]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[59]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.