International Association for Cryptologic Research (IACR)
Abstract
This work studies signcryption of classical data in the quantum setting. Essentially, we investigate the quantum security of generic constructions of signcryption schemes based on three paradigms, viz., encrypt-then-sign (EtS), sign-then-encrypt (StE) and commit-then-encrypt-and-sign (CtE&S). For doing that we define the confidentiality and authenticity of signcryption for classical data both in insider and outsider models against quantum adversaries. In the insider model, we show that the quantum variants of the classical results hold in the quantum setting. However, for arguing authenticity in outsider model of StE and CtE&S paradigms, we need to consider an intermediate setting in which the adversary is given quantum access to unsigncryption oracle but classical access to signcryption oracle. In two-user outsider model, as in the classical setting, we show that post-quantum CPA security of the base encryption scheme is amplified in the EtS paradigm if the base signature scheme satisfies a stronger definition. We prove an analogous result in the StE paradigm. Interestingly, in the multi-user setting, our results strengthen the known classical results. Furthermore, our results for the EtS and StE paradigms in the two-user outsider model also extend to the setting of authenticated encryption. Finally, we briefly discuss concrete instantiations in various paradigms utilizing some available candidates of quantum secure encryption and signature schemes
