Paper 2011/156

Strong Forward Security in Identity-Based Signcryption

Madeline González Muñiz and Peeter Laud


Due to the possibility of key exposure, forward security in encryption and signing has been well studied, especially in the identity-based setting where an entity's public key is that entity's name. From an efficiency point of view, one would like to use the signcryption primitive and have the best of both worlds. However, strong forward security, where the adversary cannot signcrypt in sender's name nor designcrypt in receiver's name for past time periods even if it has the secrets of both, requires periodic updating of the secret keys of the users. This is an improvement over signcryption schemes that only protect against designcrypting in the past. In this paper, we propose the first ever strong forward secure identity-based signcryption scheme which has public ciphertext verifiability and a third-party verification protocol.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
forward securitysigncryptionpairing-based cryptographyidentity-based cryptography
Contact author(s)
madeline @ research cyber ee
2011-03-30: received
Short URL
Creative Commons Attribution


      author = {Madeline González Muñiz and Peeter Laud},
      title = {Strong Forward Security in Identity-Based Signcryption},
      howpublished = {Cryptology ePrint Archive, Paper 2011/156},
      year = {2011},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.