Fully secure identity‐based signcryption scheme with shorter signcryptext in the standard model

Identity‐based signcryption (IBSC) is a cryptographic primitive which combines both the functions of identity‐based signature and identity‐based encryption in a single logical step, but with the cost of computation and communication significantly less than those needed by the signature‐then‐encryption approach. The first proposal Yu et al. (2009) [12] for IBSC schemes without random oracles and its improvement Zhang (2010) [15] were found insecure. Recently Li and Takagi (2011) [16] presented an improved IBSC, but at the price of large signcryptext expansion and more exponentiation computation. In this paper we reconsider the first (but insecure) IBSC proposal, and find that a small modification will result in a secure IBSC. Unlike that of Li and Takagi, our scheme does not sacrifice the bandwidth and computation efficiency to achieve the security goals. We use the proof techniques of Li and Takagi to prove in the standard model its indistinguishability against adaptive chosen ciphertext attack and existential unforgeability against adaptive chosen message attack. Through comparison of computational cost and communication overhead, our scheme is amongst the most efficient IBSC schemes without random oracles.