Abstract
In 2006, Fagen LI et al. proposed an efficient identity-based signcryption scheme and declared that this scheme had the attributes of privacy, unforgeability, public verifiability, repudiation and forward security. After detailed analysis, we find that scheme does not meet the attributes which the author’s declared. Actually, an active attacker with the capacity of controlling the communication channel can replace the public key of the sender to forge a cipher text which can pass the unsigncrypt phase but don’t need to steal the private key of the sender. In 2009, Xiao LI et al. also found a method to forge a cipher text on the scheme of Fagen LI et al. Further, they proposed an improved identity-based signcryption scheme and declared their improved scheme had the attributes mentioned above. However we find a forged cipher text still can be constructed using the public key replacement attack. Finally, we point out the flaws in their schemes which our attack based on and proposed two corresponding enhanced schemes. In additional, we show that another Identity-Based Multi-Signcryption Scheme proposed by MENG Tao et al. in 2007 is insecure against the key replacement attack as well. In their scheme, an active attacker can replace the signcrypter’s public key and forge a valid cipher text to pass the examination of the receiver without the knowledge of the signcrypter’s private key. we discuss the flaws which lead to our attack succeeding to forge the valid cipher text and add the corresponding solution at last.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.