Strong Forward Security in Identity-Based Signcryption

摘要

Due to the possibility of key exposure, forward security in encryption and signing has been well studied, especially in the identity-based setting where an entity's public key is that entity's name. From an efficiency point of view, one would like to use the signcryption primitive and have the best of both worlds. However, strong forward security, where the adversary cannot signcrypt in sender's name nor designcrypt in receiver's name for past time periods even if it has the secrets of both, requires periodic updating of the secret keys of the users. This is an improvement over signcryption schemes that only protect against designcrypting in the past. In this paper, we propose the first ever strong forward secure identity-based signcryption scheme which has public ciphertext verifiability and a third-party verification protocol.