Efficient forward and provably secure ID-based signcryption scheme with public verifiability and public ciphertext authenticity

Boyen [7] gave the first identity-based (ID-based) signcryp-tion scheme that is forward secure, publicly verifiable as well as provably secure. However, his scheme aims at providing ciphertext unlinkability and anonymity which is not a desirable property in applications such as authentication of encrypted messages by firewalls [11], where any third party should be able to verify the origin of the ciphertext without knowing the content of the message and getting any help from the intended recipient. This requirement is referred as public ciphertext authenticity. In this paper, we give another ID-based signcryp-tion scheme that can provide public ciphertext authenticity and is forward and provably secure as well as publicly verifiable. Our scheme is modified from Libert and Quisquater's ID-based signcryption scheme [16] and the efficiency of our scheme is comparable to other previous ID-based signcryption schemes.