摘要 |
<p>A signcryption is generated by a sender (110) by using a first encryption algoritm to encrypt (S1) plaintext m with public key Epk to get ciphertext e, e=E.Encrypt(m); generating (S2) a key k and its encapsulation c using an encapsulation algoritm and public key Kpk, k,c=KD.Encapsulate(); sign (e,c) using Ssk, s= S.sign(e,c), step S3; encrypt (S4) the signature s using a second encryption algoritm and the key k, e_d=D.Encrypt(s). The signcryption of m is formed (S5) by (e,c,e_d). The sender may also prove (S11) knowledge of the decryption of e, and that e_d encrypts a valid signature on the concatenation of c and e using the key of the encapsulation. Also provided are the corresponding signcryption verification device and method, and computer program products.</p> |