In this book, editors Dent and Zheng consolidate the research work done for the advancement of signcryption technology. They accurately state that this particular technology can be of vital significance for securing contemporary communication systems, due to its high efficiency rates, without compromising the underlying security.
Signcryption emerged as a successor to code modulation techniques, which involved the use of numerous manipulations of data while transiting between a sender and a receiver. The 1970s witnessed intensive research work toward the merging of error correction and modulation techniques, for improving efficiency of the then-existing security schemes for communication systems.
In the mid-1980s, Zheng carried out research work to study possibilities for merging crypto primitives associated with key security properties of confidentiality and integrity. Zheng realized two combinations to achieve the above: private key encryption with private key authentication, and public key encryption with digital signatures. Signcryption was thus formulated as a scheme, based on the combination of ElGamal encryption and signature, wherein an ephemeral key serves as a conduit between both aspects of the signcryption scheme: authenticity and confidentiality.
Part 1 of the book provides readers with detailed know-how of security models for signcryption. In chapter 1, Zheng provides thorough insight into the workings of the signcryption algorithm, and illustrates the security of his scheme. The chapter also provides details on security notions and notations, and serves as a primer for security enthusiasts who wish to gain knowledge of the proofs of standard security techniques such as signatures, signatures with message recovery, security notions for finite message spaces, public-key encryption security, and symmetric encryption security.
Chapter 2 provides a formal definition of the application of signcryption in a two-user setting, followed by an analysis of the security of the model. Chapter 3 provides insight into the use of signcryption in a multiuser setting, wherein the adversary is assumed to have more powers than those in a two-user scenario.
Part 2 consists of three chapters (4 through 6) that focus on variant signcryption schemes. Chapter 4 addresses the issue of nonrepudiation that exists with the original signcryption scheme, through the use of the Diffie-Hellman key exchange protocol. Chapter 5 provides detailed insight into the construction of signcryption schemes based on bilinear maps (such as pairings). Although such an approach will incur additional processing overhead, we can still consider it to be a thoughtful application for scenarios where the security of the scheme is more significant than lesser delays. Chapter 6 examines in detail the various attempts to construct signcryption schemes through RSA moduli. The authors mention that such schemes will involve the use of expensive transformations that will impose significant processing overheads on the system, albeit with enhanced security.
Part 3 consists of chapters that focus on diverse signcryption construction schemes. Chapter 7 outlines hybrid mechanisms for combining symmetric and asymmetric encryptions. The chapter also highlights the fact that, in consideration of the high computational overhead associated with asymmetric key cryptography, symmetric key-based components can be included within asymmetric key-based schemes, for improved performances. Chapter 8 addresses the concept of concealment, in which a publicly known randomized transmutation, subject to input m, outputs a hider h and a binder b. Together, h and b help to recover the message m; individually, neither reveals any information. The authors discuss the applications of concealment in the field of authenticated encryption. Chapter 9 provides details on the parallelized implementation of the signcryption scheme constructions for providing further performance improvements.
The last part of the book, Part 4, consists of three extensions to the signcryption scheme. Chapter 10 discusses the use of identity-based encryption in associating users with secret information (such as private keys), for signcryption, to provide authenticated encryption. Chapter 11 provides insight into the use of signcryption for confidential and authenticated key establishment, which has remained an issue of constant discussion among the security community. Finally, in chapter 12, the authors provide descriptions of practical application scenarios of the signcryption scheme, together with an analysis of the cost advantages gained through this scheme. In particular, the chapter discusses these application scenarios: secure multicasting over the Internet, authenticated key recovery, secure asynchronous transfer mode (ATM) networks, secure routing for mobile ad hoc networks, encrypted and authenticated emails by firewalls, secure voice over Internet protocol (VoIP), and secure electronic payments.
Overall, the book is a thorough consolidation of all the substantial work done toward the enhancement and use of the signcryption scheme. The book is primarily intended for communication design engineers, communication system analysts, and security analysts, as well as enthusiastic researchers at large.
