Improvements and generalisations of signcryption schemes

Zhang, Wei

January 2014

In this work, we study the cryptographic primitive: signcryption, which combines the functionalities of digital signatures and public-key encryption. We first propose two generic transforms from meta-ElGamal signature schemes to signcryption schemes. These constructions can be thought of as generalisations of the signcryption schemes by Zheng and Gamage et al. Our results show that a large class of signcryption schemes are outsider IND-CCA2 secure and insider UF-CMA secure. As a by-product, we also show that the meta-ElGamal signature schemes, for which no previous formal security proofs have been shown, are UF-CMA secure. We then propose a modification of one of the transforms in order to achieve insider IND-CCA2 security in addition to insider UF-CMA security. This modification costs just one extra exponential operation. In particular, we can apply this modification to the Zheng signcryption scheme to make it fully insider secure. Finally, we propose a generic transform from a two-key signcryption scheme to a one-key signcryption scheme while preserving both confidentiality and unforgeability. Our result shows that if we have an insider IND-CCA2 and UFCMA secure two-key signcryption scheme, then it can be turned into an insider IND-CCA2 and UF-CMA secure one-key signcryption scheme. We also show that an insider IND-CCA2 and UF-CMA secure one-key signcryption scheme induces a secure combined public-key scheme; that is, a combination of a signature scheme and a public-key encryption scheme that can securely share the same key pair. Combining previous results suggests that we can obtain a large class of insider secure one-key signcryption schemes from meta-ElGamal signature schemes, and that each of them can induce a secure combined public-key scheme.

005.8

Attribute-Based Proxy Re-Encryption

Chen, Chun-Hung

30 August 2012

Cloud computing has been developed rapidly in recent years, and offers novel concepts and innovations in computer use. One application of cloud computing is that people can designate a proxy to help them to execute a number of tasks in certain situations instead of undertaking all tasks themselves. With this application, people can benefit from the proxy; however, some information is revealed to the proxy, such as their activities, and private data. That is, the proxy is aware of the actions of people through delegation processes, and proxy re-encryption which is a cryptographic primitive has been proposed to solve this problem. In the proxy re-encryption system, when a user (e.g., Alice) wants to send a ciphertext that is encrypted by her secret key and stored in the cloud to another user (e.g., Bob), she can designate a proxy to transform the ciphertext into a different ciphertext that can be decrypted by Bob¡¦s private key. Based on attribute-based encryption and proxy re-encryption, we propose attribute-based proxy re-encryption with bilinear pairing. Furthermore, in the proposed scheme, third paries cannot decrypt the ciphertext if they do no have matching attributes, regardless of being helped by proxy. Finally, we offer security proofs to demonstrate that the proposed scheme satisfies the essential requirements of attribute-based encryption schemes and proxy re-encryption schemes.

Proxy Re-Encryption

Attribute-based encryption

Bilinear pairing

Cryptographic primitive

Cloud computing