A code-based hybrid signcryption scheme

Abstract

Abstract A key encapsulation mechanism ( KEM {\mathsf{KEM}} ) that takes as input an arbitrary string, i.e., a tag, is known as tag- KEM {\mathsf{KEM}} , while a scheme that combines signature and encryption is called signcryption. In this article, we present a code-based signcryption tag- KEM {\mathsf{KEM}} scheme. We utilize a code-based signature and an IND - CCA2 {\mathsf{IND}}\hspace{0.1em}\text{-}\hspace{0.1em}{\mathsf{CCA2}} (adaptive chosen ciphertext attack) secure version of McEliece’s encryption scheme. The proposed scheme uses an equivalent subcode as a public code for the receiver, making the NP-completeness of the subcode equivalence problem be one of our main security assumptions. We then base the signcryption tag- KEM {\mathsf{KEM}} to design a code-based hybrid signcryption scheme. A hybrid scheme deploys asymmetric- as well as symmetric-key encryption. We give security analyses of both our schemes in the standard model and prove that they are secure against IND - CCA2 {\mathsf{IND}}\hspace{0.1em}\text{-}\hspace{0.1em}{\mathsf{CCA2}} (indistinguishability under adaptive chosen ciphertext attack) and SUF - CMA {\mathsf{SUF}}\hspace{0.1em}\text{-}\hspace{0.1em}{\mathsf{CMA}} (strong existential unforgeability under chosen message attack).