On the Security of Some Recently Proposed Certificateless Signcryption Schemes

Abstract

A certificateless signcryption (CL-SC) scheme is an important cryptographic primitive which provides the goals of a signature scheme (i.e. the unforgeability) and an encryption scheme (i.e. the confidentiality) both at once, in a certificateless setting. The certificateless public key cryptography (CL-PKC) setting, makes it possible to overcome the problems of the conventional public key infrastructure (i.e. the certificates management) and the ID-Based public key cryptography (i.e. the key escrow problem), concurrently. Recently, Caixue [4], Shan [16] and Ullah et al. [17] have proposed CL-SC schemes. In this paper, these schemes are analyzed. Some attacks are designed which show that Caixue’s scheme is easily forgeable and Shan’s scheme is forgeable against a malicious key generation center (KGC). Moreover, it is shown that Ullah et al.’s scheme has basic errors in its algorithms, as it does not even satisfy the correctness of the verification algorithm and it is not a CL-SC scheme at all.