Security Analysis of an Enhanced Certificateless Signcryption in the Standard Model

  • Yumin YuanEmail author


Quite recently, Luo and Wan putted forward a new certificateless signcryption (CLSC) scheme with low computation cost in the standard model. They stated that their newly proposed scheme achieves the unforgeability against adaptive chosen message attack (i.e, unforgeability) and indistinguishability against adaptive chosen ciphertext attack (i.e., confidentiality). However, we find that the scheme cannot reach the claimed security feature. Specifically, in this paper, we will demonstrate that in Luo and Wan’s CLSC scheme, the plaintext can be easily recovered from the ciphertext by ordinary attacker and malicious-but-passive KGC. In addition, we identify that this scheme even cannot resist forgery attack of a malicious KGC.


Certificateless cryptography Signcryption Message unforgeability Message confidentiality Standard model 



This work was supported by the Education and Research Foundation of Fujian Province of China for young and middle-aged teacher (Grant No. JAT160350).


  1. 1.
    Zheng Y. (1997) Digital signcryption or how to achieve cost(signature & encryption) « cost(signature) + cost(encryption). In B. S. Kaliski (Eds.), Advances in Cryptology—CRYPTO '97. CRYPTO 1997. Lecture Notes in Computer Science, Vol. 1294. Springer: Berlin, Heidelberg.Google Scholar
  2. 2.
    Hwang, R. J., Lai, C. H., & Su, F. F. (2005). An efficient signcryption scheme with forward secrecy based on elliptic curve. Applied Mathematics and Computation,167(2), 870–881.MathSciNetCrossRefGoogle Scholar
  3. 3.
    Li, C. K., Yang, G. M., Wong, D. S., Deng, X. T., & Chow, S. S. M. (2010). An efficient signcryption scheme with key privacy and its extension to ring signcryption. Journal of Computer Security,18(3), 451–473.CrossRefGoogle Scholar
  4. 4.
    Li, X., Qian, H., Weng, J., & Yu, Y. (2013). Fully secure identity-based signcryption scheme with shorter signcryptext in the standard model. Mathematical and Computer Modelling,57(3–4), 503–511.MathSciNetCrossRefGoogle Scholar
  5. 5.
    Karati, A., Islam, S. K. H., Biswas, G. P., et al. (2018). Provably secure identity-based signcryption scheme for crowdsourced industrial internet of things environments. IEEE Internet of Things Journal,5(4), 2904–2914.CrossRefGoogle Scholar
  6. 6.
    Barbosa, M., & Farshim, P. (2008). Certificateless signcryption. In Proceedings of the 2008 ACM symposium on information, computer and communications security (ASIACCS08) (pp. 369–372). New York: ACM.Google Scholar
  7. 7.
    Liu, Z., Hu, Y., Zhang, X., et al. (2010). Certificateless signcryption scheme in the standard model. Information Sciences,180(3), 452–464.MathSciNetCrossRefGoogle Scholar
  8. 8.
    Jin, Z., Wen, Q., & Zhang, H. (2010). A supplement to Liu et al.’s certiicateless signcryption scheme in the standard model. Cryptology ePrint Archive, Retrieved from Accessed 3 May 2010.
  9. 9.
    Xiong, H. (2014). Toward certiicateless signcryption scheme without random oracles. Cryptology ePrint Archive, Retrieved from Accessed 3 March 2014.
  10. 10.
    Zhou, C. X., Gao, G. Y., & Cui, Z. M. (2017). Certificateless signcryption in the standard model. Wireless Personal Communications,92(2), 495–513.CrossRefGoogle Scholar
  11. 11.
    Luo, M., & Wan, Y. (2018). An enhanced certificateless signcryption in the standard model. Wireless Personal Communications,98(3), 2693–2709.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2020

Authors and Affiliations

  1. 1.School of Applied MathematicsXiamen University of TechnologyXiamenChina

Personalised recommendations