Abstract
To make authenticated encryption which provides confidentiality and authenticity of a message simultaneously, a signcryption scheme uses asymmetric primitives, such as an asymmetric encryption scheme for confidentiality and a signature scheme for authentication. Among the signcryption schemes, the hybrid signcryption schemes are the signcryption schemes that use a key agreement scheme to exchange a symmetric encryption key, and then encrypt a plaintext using a symmetric encryption scheme. The hybrid signcryption schemes are specially efficient for signcrypting a bulk data because of its use of a symmetric encryption. Hence to achieve the joint goals of confidentiality and authenticity in most practical implementation, hybrid signcryption schemes are commonly used. In the paper, we study the properties of signcryption and propose a new generic hybrid signcryption scheme called DHEtS using encrypt-thensign composition method. DHEtS uses a symmetric encryption scheme, a signature scheme, and the DH key agreement scheme. We analyze DHEtS with respect to the properties of signcryption, and show that DHEtS provides non-repudiation and public verifiability. DHEtS is the first provable secure signcryption schemes with public verifiability. If encrypting and signing components of DHEtS can use the same random coins, the computational cost and the size of a signcryption would be greatly reduced.We show the conditions of signing component to achieve randomness-efficiency.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
J.H. An. Authenticated Encryption in the Public-Key Setting: Security Notions and Analyses. Report 2001/079, Cryptology ePrint Archive, http://eprint.iacr.org/, 2001. 16, 17, 18
M. Abdalla, M. Bellare, and P. Rogaway. The Oracle Diffie-Hellman assumptions and an analysis of DHIES. CT-RSA 2001, volume 2020 of Lecture Notes in Computer Science, pages 143–158. Springer Verlag, 2001. 19
J.H. An, Y. Dodis, and T. Rabin. On the Security of Joint Signature and Encryption. Advances in Cryptology-EUROCRYPT 2002, volume 2332 of Lecture Notes in Computer Science, pages 83–107, Springer Verlag, 2002. 17, 18
M. Bellare, A. Desai, E. Jokipii, and P. Rogaway. A Concrete Security Treatment of Symmetric Encryption: Analysis of DES Modes of Operation. Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, 1997. 19
M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway. Relations among notions of security for public-key encryption schemes. Advances in Cryptology-Crypto’98, volume 1462 of Lecture Notes in Computer Science, Springer Verlag, 1998.
M. Bellare and C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. Advances in Cryptology-Asiacrypt 2000, volume 1976 of Lecture Notes in Computer Science, pages 531–545, Springer Verlag, 2000. 16, 17, 18, 19
J. Baek, R. Steinfeld, and Y. Zheng. Formal Proofs for the Security of Signcryption. Public Key Cryptography 2002, volume 2274 of Lecture Notes in Computer Science, pages 80–98, Springer Verlag, 2002. 18
W.-H. He and T.-C. Wu. Cryptanalysis and improvement of Petersen-Michels signcryption schemes. IEE Proc.-Computers and Digital Techniques, 146(2): pp. 123–124, 1999. 16
P. Horster, M. Michels, and H. Petersen. Authenticated encryption schemes with low communication costs. Technical Report TR-94-2-R, University of Technology, Chemnitz-Zwickau, 1994. appeared in Electronic Letters, Vol. 30, No. 15, 1994. 16, 18
H. Krawczyk. The order of encryption and authentication for protecting communications (Or: how secure is SSL?). Advances in Cryptology-Crypto 2001, volume 2139 of Lecture Notes in Computer Science, Springer Verlag, 2001.
J. Katz and M. Yung. Complete Characterization of Security Notions for Probabilistic Private-Key Encryption. Proceedings of the 32nd Annual Symposium on the Theory of Computing, ACM, 2000. 19
H. Petersen and M. Michels. Cryptanalysis and improvement of signcryption schemes. IEE Proc.-Computers and Digital Techniques, 145(2), pp. 149–151, 1998. 16
David Pointcheval and Jacques Stern. Security Arguments for Digital Signatures and Blind Signatures. Journal of Cryptology, 13(3), pp. 361–396, 2000. 25
Y. Zheng. Digital signcryption or how to achieve cost(signature & encryption) ≪ cost(signature) + cost(encryption). Advances in Cryptology-Crypto’97, volume 1294 of Lecture Notes in Computer Science, pages 165–179, Springer Verlag, 1997. 16, 18
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rae Jeong, I., Yun Jeong, H., Sook Rhee, H., Hoon Lee, D., In Lim, J. (2003). Provably Secure Encrypt-then-Sign Composition in Hybrid Signcryption. In: Lee, P.J., Lim, C.H. (eds) Information Security and Cryptology — ICISC 2002. ICISC 2002. Lecture Notes in Computer Science, vol 2587. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36552-4_2
Download citation
DOI: https://doi.org/10.1007/3-540-36552-4_2
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00716-6
Online ISBN: 978-3-540-36552-5
eBook Packages: Springer Book Archive