Cryptanalysis and Improvement of a Proxy Signcryption Scheme in the Standard Computational Model

Abstract

Proxy signcryption is essential security primitive for emerging secure communication such as e-business, mobile agents, online voting, contract signing, and online auction. It combines the functionality of a proxy signature and encryption to achieve basic security features maintaining a low computational and communicational cost. Ming proposed Proxy Signcryption (PSC) scheme in the standard computational model, claimed it to be secured against: (1) Indistinguishable Chosen Ciphertext Attack (IND-CCA) under the Decisional Bi-linear Diffie-Hellman (DBDH) assumption (2) Existentially Unforgeable Chosen Message Attack (EUF-CMA) under the Computational Diffie Hellman (CDH) assumption. This paper first provides a security analysis to check the correctness and validity of the said PSC scheme. Furthermore, it proves PSC is vulnerable to the launched cryptanalysis attacks. It is established that the PSC is neither semantically secured against IND-CCA nor existentially secured against EUF-CMA in its defined security model. Secondly, we propose an improved new proxy signcryption scheme (N-PSC) based on Elliptic Curve Cryptosystem (ECC) without bi-linear pairing secure against IND-CCA and EUF-CMA for Type-1 adversary A 1 in the standard computational model. It is also proved that the new proposed N-PSC scheme achieves an extra security property of judge verification in case of signature dispute between the proxy correspondents, as well as it outperforms the existing states of the art schemes including the Ming scheme in terms of cost efficiency which makes the new proposed scheme suitable for scarce resources constraint proxy enabled communication applications.