In conventional message communication systems, multi-message multi-receiver signcryption faces several challenges, including vulnerability to Key Generation Center (KGC) attacks, privacy breaches and excessive communication data volume. The KGC needs a secure channel to transmit partial private keys, so the security of those keys depends on the integrity of that channel, which raises concerns about their confidentiality. We propose replacing the KGC in traditional certificateless schemes with blockchain and smart contract technology. Parameters are published on the blockchain, whose tamper-proof property is leveraged to ensure security. The scheme also introduces conventional encryption techniques to achieve user identity privacy in the absence of a secure channel, resolving the user identity disclosure inherent in blockchain-based schemes and enhancing communication privacy. Moreover, users use smart contract algorithms to generate a portion of the encrypted private key, minimizing the possibility of third-party attacks. The scheme is resilient against various attacks, including KGC leakage attacks, internal privilege attacks, replay attacks, distributed denial of service attacks and Man-in-the-Middle (MITM) attacks. It also has desirable security attributes such as key escrow security and non-repudiation. The proposed scheme has been analyzed theoretically and experimentally under the random oracle model, based on the computational Diffie-Hellman problem and the discrete logarithm problem, and has been proven to possess confidentiality and unforgeability. Compared with similar schemes, it has lower computational cost and shorter ciphertext length, and it has obvious advantages in communication and time overhead.
Citation: Xiao Dong Yang, Wen Jia Wang, Bin Shu, Mei Juan Li, Rui Xia Liu, Cai Fen Wang. Multi-message multi-receiver signcryption scheme based on blockchain[J]. Mathematical Biosciences and Engineering, 2023, 20(10): 18146-18172. doi: 10.3934/mbe.2023806