Journal: Informatica
Volume 36, Issue 3 (2025), pp. 737–764
Abstract
Anonymous multi-recipient signcryption (AMRS) is an important public-key cryptography (PKC) scheme that is applied in many modern digital applications. In an AMRS scheme, a broadcast management centre (BMC) may sign and encrypt plaintext data (or a file) for a set of multiple recipients. Only the recipients in the set can decrypt the plaintext data and authenticate the BMC, while the anonymity of their identities is preserved. In the past, some AMRS schemes based on various PKCs have been proposed. Recently, because side-channel attacks could break existing cryptographic mechanisms, leakage-resilient PKC that resists such attacks has attracted the attention of cryptographic researchers. However, little work exists on the design of leakage-resilient AMRS (LR-AMRS) schemes, and the existing schemes are only suitable for multiple recipients under a single PKC. In this paper, the first leakage-resilient and seamlessly compatible AMRS (LRSC-AMRS) in heterogeneous PKCs is proposed. In the proposed scheme, multiple recipients can be members of either of two heterogeneous PKCs, namely the public-key infrastructure PKC (PKI-PKC) or the certificateless PKC (CL-PKC). We also present a seamlessly compatible upgrade procedure from the PKI-PKC to the CL-PKC. The proposed scheme achieves three security properties under side-channel attacks, namely encryption confidentiality, recipient anonymity and sender (i.e. BMC) authentication, which are formally shown by the associated security theorems. Finally, a comparison with related schemes shows that the proposed LRSC-AMRS scheme is suitable for heterogeneous recipients and that the computational cost of each recipient’s unsigncryption algorithm is constant, $O(1)$.
Pub. online: 6 Mar 2024; Type: Research Article; Open Access
Journal: Informatica
Volume 35, Issue 1 (2024), pp. 131–154
Abstract
Signcryption integrates signature and encryption schemes into a single scheme to ensure both content unforgeability (authentication) and message confidentiality while reducing computational complexity. Typically, both signers (senders) and decrypters (receivers) in a signcryption scheme belong to the same public-key system. When signers and decrypters in a signcryption scheme belong to heterogeneous public-key systems, the scheme is called a hybrid signcryption scheme, which provides more flexible usage than typical signcryption schemes. In recent years, a new kind of attack, named the side-channel attack, has allowed adversaries to learn a portion of the secret keys used in cryptographic algorithms. To resist such attacks, leakage-resilient cryptography has been widely discussed and studied, and a large number of leakage-resilient schemes have been proposed. Numerous hybrid signcryption schemes under heterogeneous public-key systems have also been proposed, but none of them possesses the leakage-resilience property. In this paper, we propose the first hybrid signcryption scheme with leakage resilience, called the leakage-resilient hybrid signcryption scheme in heterogeneous public-key systems (LR-HSC-HPKS). Security proofs are given to show that the proposed scheme provides both authentication and confidentiality against two types of adversaries in heterogeneous public-key systems.