A quantum resistant multi-user signcryption scheme featuring key invisibility for Internet of Things

Abstract

With the advent of ubiquitous computing, multiple heterogeneous devices have evolved with increased connectivity, yielding the Internet of Things (IoT). For establishing secure communication, IoT has effectively become a primary security concern. The massive connectivity of the resource-constrained devices in IoT and enormous data on the air have made information vulnerable to several types of attacks. Although several resource-intensive cryptographic algorithms have been proposed to combat this security threat, signcryption has been identified as a sound solution for such an application.In this work, we propose an isogeny-based signcryption scheme by integrating HyPKE, an isogeny-based encryption scheme with an isogeny-based signature SeaSign based on Fiat Shamir with aborts. Apart from confidentiality and authenticity requirements, our scheme also achieves ciphertext anonymity and key invisibility, unlike the existing signcryption schemes in the post-quantum world. More positively, our security model considers insider attacks, supports multi-users setting and offers non-repudiation. Our work also studies the key privacy notion of the isogeny-based encryption scheme Hashed-PKE, which can be of independent interest in designing several anonymous channels or privacy-preserving protocols. More precisely, we showed Hashed-PKE achieves indistinguishability of keys against chosen-plaintext attack. This leads to the indistinguishability of keys against chosen-ciphertext attack security of HyPKE, a hybrid encryption scheme that is obtained by applying the Fujisaki Okamoto transformation to Hashed-PKE. We have proved our result in the standard model assuming the hardness of the Commutative Supersingular Decisional Diffie–Hellman assumption.