A Single Key Pair is Adequate for the Zheng Signcryption


We prove that the original Zheng signcryption scheme published at Crypto’97, with a couple of minor tweaks, requires only a single public/private key pair for each user. That is the user can employ the same public/private key pair for both signcryption and unsigncryption in a provably secure manner. We also prove that the Zheng signcryption scheme allows a user to securely signcrypt a message to himself. Our first result confirms a long-held belief that signcryption reduces the overhead associated with public keys, while our second result foretells potential applications in cloud storage where one with a relatively less resourceful storage device may wish to off-load data to an untrusted remote storage network in a secure and unforgeable way.

DOI: 10.1007/978-3-642-22497-3_24

Extracted Key Phrases

2 Figures and Tables

Cite this paper

@inproceedings{Fan2011ASK, title={A Single Key Pair is Adequate for the Zheng Signcryption}, author={Jia Fan and Yuliang Zheng and Xiaohu Tang}, booktitle={ACISP}, year={2011} }