Cryptology ePrint Archive: Report 2003/163

Multipurpose Identity-Based Signcryption : A Swiss Army Knife for Identity-Based Cryptography

Xavier Boyen

Abstract: A combined Identity-Based Signature/Encryption system with multiple security properties is presented. The scheme allows Alice to sign a message and encrypt it for Bob ("confidentiality") in such a way that the ciphertext does not reveal anything about their identities ("anonymity"); upon receipt, Bob is convinced that he is Alice's intended addressee ("authentication") but is unable to prove this to a third party ("unlinkability"); nevertheless, the decrypted message bears a signature by Alice that anyone can verify ("non-repudiation"). The construction is based on the Bilinear Diffie-Hellman assumption, and proved secure in the random oracle model.

Category / Keywords: public-key cryptography / ID-based cryptography, signcryption, multiple security properties.

Publication Info: An extended abstract appears in CRYPTO 2003.

Date: received 8 Aug 2003, last revised 25 Feb 2004

Contact author: eprint at boyen org

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: Minor corrections.

Version: 20040226:024310 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]