Litcius/Paper detail

Comments on “Provably Secure Generalized Signcryption Scheme With Public Verifiability for Secure Data Transmission Between Resource-Constrained IoT Devices”

Bo Zhang

2020IEEE Internet of Things Journal89 citationsDOI

Abstract

Very recently, Karati <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> presented a new generalized CLSC (gCLSC) to provide the functions of digital signature and encryption to fulfill the authenticity and confidentiality for the resource-constrained Internet-of-Things (IoT) devices. Karati <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> claimed that the newly proposed gCLSC supports the property of public verifiability and security of an ideal signcryption under the strong Diffie–Hellman and bilinear Diffie–Hellman inversion problems without the random oracle model. Unfortunately, their scheme is insecure with respect to unforgeability. It is demonstrated that any receiver or nonprivileged user can generate a valid signature or signcrypted ciphertext on any message. Finally, this article also points out the flaw in their unforgeability proof and gives some suggestions on the construction of a concrete scheme.

Topics & Concepts

SigncryptionRandom oracleComputer scienceCiphertextPublic-key cryptographyEncryptionBilinear interpolationSemantic securityDigital signatureScheme (mathematics)Theoretical computer scienceComputer securityIdeal (ethics)ConfidentialityPlaintextComputer networkMathematicsAttribute-based encryptionEpistemologyComputer visionMathematical analysisHash functionPhilosophyCryptography and Data SecurityComplexity and Algorithms in GraphsPrivacy-Preserving Technologies in Data
Comments on “Provably Secure Generalized Signcryption Scheme With Public Verifiability for Secure Data Transmission Between Resource-Constrained IoT Devices” | Litcius