Post-Quantum Secure Hybrid Signcryption from Lattice Assumption
نویسندگان
چکیده
Motivated by the demand to have secure signcryption scheme, even in quantum era, the concept of signcryption tag-KEM (key encapsulation machine) is extended to lattice cryptography in this paper. A lattice-based hybrid signcryption scheme is proposed by building a lattice-based signcryption tag-KEM. Based on the hardness of the learning with errors problem and the short integer solution problem, the proposed hybrid signcryption is provable secure in the random oracle model. Furthermore, according to the quantum intractability assumption about lattice problem, the proposed hybrid signcryption scheme is secure even on quantum computers.
منابع مشابه
Post-Quantum Secure Onion Routing
The onion routing (OR) network Tor provides anonymity to its users by routing their encrypted traffic through three proxies (or nodes). The key cryptographic challenge, here, is to establish symmetric session keys using a secure key exchange between the anonymous users and the selected nodes. The Tor network currently employs a one-way authenticated key exchange (1W-AKE) protocol ntor for this ...
متن کاملAn efficient certificateless signcryption scheme in the standard model
Certificateless public key cryptography (CL-PKC) is a useful method in order to solve the problems of traditional public key infrastructure (i.e., large amount of computation, storage and communication costs for managing certificates) and ID-based public key cryptography (i.e., key escrow problem), simultaneously. A signcryption scheme is an important primitive in cryptographic protocols which ...
متن کاملPost-Quantum Forward-Secure Onion Routing
The onion routing (OR) network Tor provides anonymity to its users by routing their encrypted traffic through three proxies (or nodes). The key cryptographic challenge, here, is to establish symmetric session keys using a secure key exchange between the anonymous user and the selected nodes. The Tor network currently employs a one-way authenticated key exchange (1W-AKE) protocol ntor for this p...
متن کاملCryptanalysis and Improvement of a Multi-Receiver Generalized Signcryption Scheme
Generalized signcryption (GSC) scheme can adaptively work as an encryption scheme, a signature scheme or a signcryption scheme with only one algorithm. It is very suitable for storage-constrained environments. In this paper, we analyze a multi-receiver GSC scheme, and show that it cannot achieve indistinguishability-adaptive chosen ciphertext attack (IND-CCA2) secure in the pure encryption mode...
متن کاملHybrid Signcryption Schemes with Outsider Security
This paper expands the notion of a KEM–DEM hybrid encryption scheme to the signcryption setting by introducing the notion of a signcryption KEM, a signcryption DEM and a hybrid signcryption scheme. We present the security criteria that a signcryption KEM and DEM must satisfy in order that the overall signcryption scheme is secure against outsider attacks. We also present ECISS–KEM — a simple, e...
متن کامل