A code-based hybrid signcryption scheme

Abstract

Read online

A key encapsulation mechanism (KEM{\mathsf{KEM}}) that takes as input an arbitrary string, i.e., a tag, is known as tag-KEM{\mathsf{KEM}}, while a scheme that combines signature and encryption is called signcryption. In this article, we present a code-based signcryption tag-KEM{\mathsf{KEM}} scheme. We utilize a code-based signature and an IND-CCA2{\mathsf{IND}}\hspace{0.1em}\text{-}\hspace{0.1em}{\mathsf{CCA2}} (adaptive chosen ciphertext attack) secure version of McEliece’s encryption scheme. The proposed scheme uses an equivalent subcode as a public code for the receiver, making the NP-completeness of the subcode equivalence problem be one of our main security assumptions. We then base the signcryption tag-KEM{\mathsf{KEM}} to design a code-based hybrid signcryption scheme. A hybrid scheme deploys asymmetric- as well as symmetric-key encryption. We give security analyses of both our schemes in the standard model and prove that they are secure against IND-CCA2{\mathsf{IND}}\hspace{0.1em}\text{-}\hspace{0.1em}{\mathsf{CCA2}} (indistinguishability under adaptive chosen ciphertext attack) and SUF-CMA{\mathsf{SUF}}\hspace{0.1em}\text{-}\hspace{0.1em}{\mathsf{CMA}} (strong existential unforgeability under chosen message attack).

Keywords

• coding theory
• signature scheme
• public-key cryptography
• code-based cryptography
• signcryption
• 94a60