A forward secure signcryption scheme with ciphertext authentication for e-payment systems using conic curve cryptography

A forward secure signcryption scheme with ciphertext authentication for e-payment systems using conic curve cryptography

Signcryption is an authenticated encryption technique that concurrently establishes message confidentiality, authenticity, integrity and non-repudiation. In this paper, we propose an efficient signcryption scheme, based on the hardness of RSA assumption and discrete logarithm problem on conic curves...

Full description

Saved in:
Bibliographic Details
Published in:Journal of King Saud University. Computer and information sciences Vol. 33; no. 1; pp. 86 - 98
Main Authors: Daniel, Renu Mary, Rajsingh, Elijah Blessing, Silas, Salaja
Format: Journal Article
Language:English
Published: Elsevier B.V 01-01-2021
Elsevier
Subjects:
Ciphertext authentication
Conic curve cryptography
E-commerce
Forward secrecy
ProVerif
Signcryption
Signcryption
Conic curve cryptography
Ciphertext authentication
E-commerce
ProVerif
Forward secrecy
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Signcryption is an authenticated encryption technique that concurrently establishes message confidentiality, authenticity, integrity and non-repudiation. In this paper, we propose an efficient signcryption scheme, based on the hardness of RSA assumption and discrete logarithm problem on conic curves over a ring Zn. The protocol ensures forward secrecy, in case the sender’s secret keys are exposed and supports ciphertext authentication by an external entity, without full decryption. The protocol remains secure, as long as, either one of the hardness assumptions hold. The scheme is implemented over conic curves, which facilitates effective message encoding and decoding, as well as, efficient point operations and inverses. Conic-based RSA assumption offers resistance to low public key and low private key exponent attacks, prevalent in the original RSA cryptosystem. The proposed protocol is used to design a Business to Customer (B2C) e-commerce system, with security against replay attacks, man-in-the-middle attacks, impersonation attacks, server spoofing and double spending. The protocol is validated using automated cryptographic verification tool ProVerif.
ISSN:1319-1578
2213-1248
DOI:10.1016/j.jksuci.2018.02.004