Paper 2010/360

On the Security of Identity Based Threshold Unsigncryption Schemes

S. Sharmila Deva Selvi, S. Sree Vivek, S. Priti, and C. Pandu Rangan


Signcryption is a cryptographic primitive that provides confidentiality and authenticity simultaneously at a cost significantly lower than that of the naive combination of encrypting and signing the message. Threshold signcryption is used when a message to be sent needs the authentication of a certain number of members in an organisation, and until and unless a given number of members (known as the threshold) join the signcyption process, a particular message cannot be signcrypted. Threshold unsigncryption is used when this constraint is applicable during the unsigncryption process. In this work, we cryptanalyze two threshold unsigncryption schemes. We show that both these schemes do not meet the stringent requirements of insider security and propose attacks on both confidentiality and unforgeability. We also propose an improved identity based threshold unsigncryption scheme and give the formal proof of security in a new stronger security model.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Full version of the paper accepted in APWCS-2010
Identity Based CryptographyThreshold UnsigncryptionCryptanalysisRandom Oracle Model
Contact author(s)
sharmioshin @ gmail com
ssreevivek @ gmail com
2010-06-25: received
Short URL
Creative Commons Attribution


      author = {S. Sharmila Deva Selvi and S. Sree Vivek and S. Priti and C. Pandu Rangan},
      title = {On the Security of Identity Based Threshold Unsigncryption Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2010/360},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.