Leakage-Free and Provably Secure Certificateless Signcryption Scheme Using Bilinear Pairings

摘要

Signcryption schemes play a vital role to accomplish confidentiality, integrity, authentication and non-repudiation of messages simultaneously. In the literature, many certificateless signcryption (CLSC) schemes have been designed; however, most of them are vulnerable to ephemeral secret leakage (ESL) attack. In these schemes, sender uses an ephemeral secret to compute a ciphertext on a message. However, there is a possibility to compromise the ephemeral secret, since it is generally pre-computed and stored in an insecure device. Furthermore, it is generated by an external source, which can be controlled by an adversary. Thus, from the knowledge of compromised ephemeral secret, an adversary may calculate the private key of the sender and the message from the eavesdropped ciphertext, and this problem is called ESL attack. In this paper, we proposed a leakage-free CLSC, which is secure against ESL attack in the random oracle model. The proposed scheme provides confidentiality under the Co-Bilinear Diffie-Hellman (Co-BDH) assumption and unforgeability based on Co-Computational Diffie-Hellman assumption.