摘要:Signcryption can realize the function of encryption and signature in a reasonable logic step, which can lower computational costs and communication overheads. In 2008, Fagen Li et al. proposed an efficient secure id-based threshold signcryption scheme. The authors declared that their scheme had the attributes of confidentiality and unforgeability in the random oracle model. In this paper, we show that scheme is insecure against malicious attackers and give our attacker method to forge the ciphertext. Following our method, any malicious attacker can forge a valid message in their scheme. Further, we propose a probably-secure improved scheme to correct the vulnerable and give the unforgeability and confidentiality of our improved scheme under the existing security assumption.
