Hybrid Cryptography

This paper considers the idea that other schemes besides asymmetric encryption schemes can benefit from a formalisation of the principles of hybrid cryptography. The main focus of research in hybrid cryptography has been in producing efficient asymmetric encryption schemes. Not only have several schemes been proposed, but also a generic method of constructing hybrid encryption schemes from lowerlevel primitives with independent security criteria. There has also been some work on producing hybrid signcryption schemes, but, so far, no independent generic construction paradigms have been proposed for the signcryption setting. We review the generic KEM–DEM construction for a hybrid encryption scheme, as proposed by Cramer and Shoup [18, 37], and consider the problems associated with extending the ideas behind the KEM–DEM construction to digital signature schemes and signcryption schemes. This paper shows that it is possible to construct very simple hybrid signcryption schemes with outsider security, in a manner similar to the generic construction for a hybrid encryption scheme. However we have to extend the construction significantly in order to propose a generic hybrid construction for a signcryption scheme with insider security. In passing, we note that it is not possible to construct efficient hybrid signature schemes.