Abstract:

Certificateless cryptography eliminates the key escrow problem inherent in identity based cryptosystems, and simplifies the certificate management in the traditional public key cryptosystem, which has great superiority. Four certificateless signcryption schemes were analyzed, which shows there exist confidentiality attacks in two schemes and forgeability attacks in three schemes. The four schemes were improved by using the methods of binding receiver in signature part, binding sender in encryption part and including random number in signcryption part respectively. Finally, the improved schemes were proved in the random oracle model, and it shows the improved schemes are secure.

Key words: certificateless signcryption;confidentiality attacks;forgeability attacks;public key replacement attacks;random oracle model