Visible to the public Biblio

Filters: Keyword is IND-CCA2 security  [Clear All Filters]
2015-05-06
Yueying Huang, Jingang Zhang, Houyan Chen.  2014.  On the security of a certificateless signcryption scheme. Electronics, Computer and Applications, 2014 IEEE Workshop on. :664-667.

Signcryption is a cryptographic primitive that simultaneously realizes both the functions of public key encryption and digital signature in a logically single step, and with a cost significantly lower than that required by the traditional “signature and encryption” approach. Recently, an efficient certificateless signcryption scheme without using bilinear pairings was proposed by Zhu et al., which is claimed secure based on the assumptions that the compute Diffie-Hellman problem and the discrete logarithm problem are difficult. Although some security arguments were provided to show the scheme is secure, in this paper, we find that the signcryption construction due to Zhu et al. is not as secure as claimed. Specifically, we describe an adversary that can break the IND-CCA2 security of the scheme without any Unsigncryption query. Moreover, we demonstrate that the scheme is insecure against key replacement attack by describing a concrete attack approach.