On the Connection between Signcryption and One-pass Key Establishment

Key establishment between two parties that uses only one message transmission is referred to as one-pass key establishment (OPKE). OPKE provides the opportunity for very efficient constructions, even though they will typically provide a lower level of security than the corresponding multi-pass variants. In this paper, we explore the intuitive connection between signcryption and OPKE. By establishing a formal relationship between these two primitives, we show that with appropriate security notions, OPKE can be used as a signcryption KEM and vice versa. In order to establish the connection we explore the definitions of security for signcryption (KEM) and give new and generalised definitions. By making our generic constructions concrete we are able to provide new examples of signcryption KEMs and an OPKE protocol

WCAN 2006 On the Security of Tag-KEM for Signcryption

Signcryption tag-KEM (Key Encapsulation Mechanism with a tag) is an authenticated tag-KEM for generic construction of hybrid signcryption. Signcryption tag-KEM allows the sender to encapsulate a symmetric key along with a tag so that the receiver can authenticate the sender, the key, and the tag. We present a definition for the security of signcryption tag-KEM which is suitable for a recent signcryption setting. We also present a proof of security for the previous generic construction of hybrid signcryption according to the given definition. Key words: key encapsulation, privacy, authentication, signcryption, signcryption tag-KEM