Lu Yang, Li Jiguo
College of Computer and Information Engineering, Hohai University, No. 8, Focheng Xi Road, Jiangning District, Nanjing, Jiangsu 211100, China.
ScientificWorldJournal. 2014;2014:295419. doi: 10.1155/2014/295419. Epub 2014 May 12.
Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption that covers both public key replacement attacks and insider security. We show that an existing certificate-based signcryption scheme is insecure in our model. We also propose a new certificate-based signcryption scheme that achieves security against both public key replacement attacks and insider attacks. We prove in the random oracle model that the proposed scheme is chosen-ciphertext secure and existentially unforgeable. Performance analysis shows that the proposed scheme outperforms all the previous certificate-based signcryption schemes in the literature.