Department of Computer Science and Technology, Jilin University, Changchun, China

---

Abstract—In 2006, Fagen LI et al. proposed an efficient identitybased signcryption scheme and declared that this scheme had the attributes of privacy, unforgeability, public verifiability, and many other important attributes. However, we find that scheme does not meet the attributes which the author’s declared. Actually, an active attacker with the capacity of controlling the communication channel can replace the public key of the sender to forge a cipher text which can pass the unsigncrypt phase without need to steal the private key of the sender. Then we analyze the reason lead to the attacks and suggest a possible way to overcome it. In 2009, Xiao LI et al. also found a method to forge a cipher text on the scheme of Fagen LI et al. and proposed an improved scheme. However we find a forged cipher text still can be constructed using the public key replacement attack. Next, we point out the flaws in their scheme which our attack based on and propose the corresponding enhanced schemes. In addition, we show that another identity-based multisigncryption scheme is insecure against the key replacement attack as well. In their scheme, an active attacker can replace the signcrypter’s public key and forge a valid cipher text to pass the examination of the receiver without the knowledge of the signcrypter’s private key. We discuss the flaws which lead to our attack succeeding to forge the valid cipher text and add the corresponding solution at last.

Index Terms—Public key replacement, identity-based, signcryption, multi-signcryption.

[PDF]

Cite: Wei Yuan, Liang Hu, Hongtu Li, Jianfeng Chu, Yuyu Sun, "Analysis and enhancement of three identity-based signcryption protocols," Journal of Computers vol. 7, no. 4, pp. 1006-1013, 2012.