This paper presents the secure extension of the Kwak-Moon group signcryption scheme [Kwak D, Moon S. Efficient distributed signcryption scheme as group signcryption. In: First applied cryptography and network security - ACNS'03. Lecturer notes in computer science, vol. 2846. Springer-Verlag; 2003. p. 403-17] as a countermeasure against the cryptanalysis in [Wang G, Deng RH, Kwak D, Moon S. Security analysis of two signcryption scheme. In: Information security conference - ISC 2004. Lecturer notes in computer science, vol. 3225. Springer-Verlag; 2004. p. 123-33]. The cryptanalysis revealed that the Kwak-Moon scheme cannot satisfy the properties of unforgeability, coalition-resistance, and traceability. Therefore, to avoid these weaknesses, while providing the same functions, we add confidentiality to the original group signature by distributing a shared secret among group members through an efficient group key agreement. However, in case of just combining a group signature and a group key agreement, if an attacker who does not belong to the group acquires a valid group signature, it is still possible for him to impersonate a valid group member and delegate the group. Thus, to avoid this possibility, the proposed scheme confirms whether or not the sender is equal to the signer by including a session key encryption in the signed message. In addition, we analyze the security of the proposed scheme and apply it to an anonymous statistical survey of attributes.

• 出版日期2006-9