Research On Signcryption Schemes With Additional Properties And Their Application

Signcryption is an effective cryptographic primitive, which simultaneously fulfilsboth the functions of encryption and signature with much lower cost than traditionalschemes; it is an ideal method to provide confidentiality and unforgeabilitysimultaneously. In addition to the basic security requirement of signcryption,signcryption with additional properties proves to be applicable to differentenvironment with its superior additional properties. With the development of networkand information sciences, signcryption schemes with additional properties are playingan increasingly important role in many electronic transactions. The dissertationfocuses on the design and analysis of secure, efficient and applicable signcryptionschemes with additional properties, the main contributions of which are summarizedas follows.First, we put forward an efficient publicly verifiable signcryption S-ECSC withsecurity proof of confidentiality in IND-CCA2model and unforgeability in UF-CMAmodel and non-repudiation in Random Oracle model. As per the efficiency analysis,S-ECSC achieves an average80%reduction in computation cost compared withtypical discrete logarithm, RSA based signcryption schemes, and has the lowestcommunication cost in Elgamal type signcryptions. At last, we take distributed keymanagement protocol in IOT as an application example of S-ECSC for secureprotocols. Besides, we put forward a signcryption scheme with forward security and apublicly verifiable signcryption with forward security; make detailed analyses on thesecurity and addition properties, including forward security and public verifiability.Efficiency comparison with other typical schemes justifies their application toresource-constrained circumstances owing to their lower cost for the same security.As to proxy signcryption schemes, we propose a provably secure anonymousproxy authorization scheme ECPAS and analyze its unforgeability in adaptive chosenmessages attack model and non-repudiation security. Besides, comparison is madewith other typical schemes as to computation and communication cost. Then we putforward an efficient proxy signcryption scheme with public verifiability, and prove itsconfidentiality in IND-CCA2model, unforgeability in UF-CMA model,non-repudiation property and additional properties, such as distinguishability,identifiability, controllability and verifiability. The scheme achieves about an80% reduction in computation and communication cost,70%improvement incommunication efficiency. Based on the (t, n) threshold cryptosystem, we propose anapplicable threshold proxy signcryption scheme, which achieves basic security ofsigncryption and other additional properties, including public verifiability, perfectthreshold sharing, coalition-resistance and robustness.As regard to multi-party signcryption schemes, we put forward a new conceptGMS (Generalized Multi-party Signcryption) at first, and then propose an efficientmulti-signcryption scheme with forward security on elliptic curves. In addition to thebasic security of signcryption, the multi-signcryption scheme also achieves flexibilityin message and sequence, forward security, robustness and verifiability. As toefficiency, the scheme achieves about80%reduction in computation cost andsignificant improvement in communication cost. In the study of group-orientedsigncryption, we put forward a publicly verifiable broadcast signcryption scheme withprovable security and its ECC based formal definition and security model, with whichwe prove the confidentiality, unforgeability, non-repudiation and other additionalproperties of the new scheme. The high efficiency of the new scheme ensures its batchprocessing of messages for group oriented communication. Then we propose anefficient provably secure ring signcryption with detailed analysis on its security andanonymity. As to its application to secure protocols, an anonymous digital fingerprintscheme is proposed based on ring signcryption, which achieves unforgeability,anonymity, traceability, unlinkability and fairness with the anonymity of ringsigncryption. Besides, the digital fingerprint and ring signcryption scheme are bothacceptable for their high efficiency. Last but not the least, we put forward a publiclyverifiable partially blind signcryption with formal definition and security model ofECC based blind signcryption. Analyses are also made to prove its security, blindness,unlinkability and public verifiability. By improving the partially blind signature ofAbe and Okamoto, we put forward an off-line electronic cash scheme based on blindsigncryption with security and applicability analysis, which also proves the traceableanonymity from partially blind signcryption.