Cryptoanalysis of Two Signcryption Schemes

Jianhong Zhang, Qin Geng
Published in: 2009 Fifth International Conference on Information Assurance and Security
Publication date: 2009-08-18
DOI: 10.1109/IAS.2009.101 (https://doi.org/10.1109/IAS.2009.101)
Citations: 1

Abstract

Certificateless PKC and self-certified PKC are two new public key systems. They remove the need for certificates to ensure the authentication of the user's public key in CB-PKC and also overcome the inherent key escrow problem in IB-PKC. Recently, Zhang et al. proposed a self-certified signcryption scheme, and Wu et al. gave a certificateless signcryption scheme. However, in this paper, we analyze the security of Zhang et al.'s self-certified signcryption scheme and Wu et al.'s certificateless signcryption scheme, and show that the two signcryption schemes are insecure though the two schemes were proven to be secure under the random oracle model in \cite{mu} and \cite{wu}. In the self-certified signcryption scheme, a malicious user can forge a signcryption on an arbitrary message $m$ without the CA's authentication. In Wu et al.'s certificateless signcryption scheme, confidentiality of signcryption is not satisfied. Namely, the scheme is not secure against chosen ciphertext attack. Finally, we give the corresponding attacks, and to overcome the above flaws, we also discuss the corresponding improved methods, respectively.