### Abstract

To make authenticated encryption which provides confidentiality and authenticity of a message simultaneously, a signcryption scheme uses asymmetric primitives, such as an asymmetric encryption scheme for confidentiality and a signature scheme for authentication. Among the signcryption schemes, the hybrid signcryption schemes are the signcryption schemes that use a key agreement scheme to exchange a symmetric encryption key, and then encrypt a plaintext using a symmetric encryption scheme. The hybrid signcryption schemes are specially efficient for signcrypting a bulk data because of its use of a symmetric encryption. Hence to achieve the joint goals of confidentiality and authenticity in most practical implementation, hybrid signcryption schemes are commonly used. In the paper, we study the properties of signcryption and propose a new generic hybrid signcryption scheme called DHEtS using encrypt-then-sign composition method. DHEtS uses a symmetric encryption scheme, a signature scheme, and the DH key agreement scheme. We analyze DHEtS with respect to the properties of signcryption, and show that DHEtS provides non-repudiation and public verifiability. DHEtS is the first provable secure signcryption schemes with public verifiability. If encrypting and signing components of DHEtS can use the same random coins, the computational cost and the size of a signcryption would be greatly reduced. We show the conditions of signing component to achieve randomness-efficiency.

Original language | English |
---|---|

Pages (from-to) | 16-34 |

Number of pages | 19 |

Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |

Volume | 2587 |

Publication status | Published - 2003 Dec 1 |

### Fingerprint

### Keywords

- Authenticated encryption
- Authenticity
- Confidentiality
- Encrypt-then-sign
- Non-repudiation
- Public verifiability
- Signcryption

### ASJC Scopus subject areas

- Computer Science(all)
- Biochemistry, Genetics and Molecular Biology(all)
- Theoretical Computer Science

### Cite this

**Provably secure encrypt-then-sign composition in hybrid signcryption.** / Jeong, ik rae; Jeong, Hee Yun; Rhee, Hyun Sook; Lee, Dong Hoon; Lim, Jong In.

Research output: Contribution to journal › Article

}

TY - JOUR

T1 - Provably secure encrypt-then-sign composition in hybrid signcryption

AU - Jeong, ik rae

AU - Jeong, Hee Yun

AU - Rhee, Hyun Sook

AU - Lee, Dong Hoon

AU - Lim, Jong In

PY - 2003/12/1

Y1 - 2003/12/1

N2 - To make authenticated encryption which provides confidentiality and authenticity of a message simultaneously, a signcryption scheme uses asymmetric primitives, such as an asymmetric encryption scheme for confidentiality and a signature scheme for authentication. Among the signcryption schemes, the hybrid signcryption schemes are the signcryption schemes that use a key agreement scheme to exchange a symmetric encryption key, and then encrypt a plaintext using a symmetric encryption scheme. The hybrid signcryption schemes are specially efficient for signcrypting a bulk data because of its use of a symmetric encryption. Hence to achieve the joint goals of confidentiality and authenticity in most practical implementation, hybrid signcryption schemes are commonly used. In the paper, we study the properties of signcryption and propose a new generic hybrid signcryption scheme called DHEtS using encrypt-then-sign composition method. DHEtS uses a symmetric encryption scheme, a signature scheme, and the DH key agreement scheme. We analyze DHEtS with respect to the properties of signcryption, and show that DHEtS provides non-repudiation and public verifiability. DHEtS is the first provable secure signcryption schemes with public verifiability. If encrypting and signing components of DHEtS can use the same random coins, the computational cost and the size of a signcryption would be greatly reduced. We show the conditions of signing component to achieve randomness-efficiency.

AB - To make authenticated encryption which provides confidentiality and authenticity of a message simultaneously, a signcryption scheme uses asymmetric primitives, such as an asymmetric encryption scheme for confidentiality and a signature scheme for authentication. Among the signcryption schemes, the hybrid signcryption schemes are the signcryption schemes that use a key agreement scheme to exchange a symmetric encryption key, and then encrypt a plaintext using a symmetric encryption scheme. The hybrid signcryption schemes are specially efficient for signcrypting a bulk data because of its use of a symmetric encryption. Hence to achieve the joint goals of confidentiality and authenticity in most practical implementation, hybrid signcryption schemes are commonly used. In the paper, we study the properties of signcryption and propose a new generic hybrid signcryption scheme called DHEtS using encrypt-then-sign composition method. DHEtS uses a symmetric encryption scheme, a signature scheme, and the DH key agreement scheme. We analyze DHEtS with respect to the properties of signcryption, and show that DHEtS provides non-repudiation and public verifiability. DHEtS is the first provable secure signcryption schemes with public verifiability. If encrypting and signing components of DHEtS can use the same random coins, the computational cost and the size of a signcryption would be greatly reduced. We show the conditions of signing component to achieve randomness-efficiency.

KW - Authenticated encryption

KW - Authenticity

KW - Confidentiality

KW - Encrypt-then-sign

KW - Non-repudiation

KW - Public verifiability

KW - Signcryption

UR - http://www.scopus.com/inward/record.url?scp=33645379582&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33645379582&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:33645379582

VL - 2587

SP - 16

EP - 34

JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SN - 0302-9743

ER -