摘要:Constructing efficient (Hierarchical) identitybased signature/signcryption ((H)IBS/IBSC) schemes in thestandard model with full security remain as open problemsfor a long time. Ren et al. constructed efficient (H)IBS/IBSCschemes with full security without random oracle in ISDPE’07 and Chinacrypt’08, . They claimed their schemescan be proved to simultaneously achieve high efficiency,short public parameters and a tight reduction. But weshall show their schemes are not secure. Furthermore, wegive improvements to these schemes which can resist theproposed attack. Proxy re-encryption is a primitive whichallows the transformation from A’s ciphertext to be B’sciphertext by using proxies, without the proxy knowing thecorresponding plaintexts or secret keys of A or B. Proxybroadcast re-encryption aims at transforming ciphertextfrom one user to a group, which is a generalization of proxyre-encryption. Recently, Sun et al. proposed a CCA-secureunidirectional proxy broadcast re-encryption in the standardmodel, we also show their scheme has some flaws.
关键词:(Hierarchical) identity based signature/signcryption;Proxy broadcast re-encryption;Attack.
