In 2006, Fagen LI et al. proposed an efficient identity-based signcryption scheme and declared that this scheme had the attributes of privacy, unforgeability, public verifiability, repudiation and forward security. After detailed analysis, we find that scheme does not meet the attributes which the author';s declared. Actually, an active attacker with the capacity of controlling the communication channel can replace the public key of the sender to forge a cipher text which can pass the unsigncrypt phase but don';t need to steal the private key of the sender. In 2009, Xiao LI et al. also found a method to forge a cipher text on the scheme of Fagen LI et al. Further, they proposed an improved identity-based signcryption scheme and declared their improved scheme had the attributes mentioned above. However we find a forged cipher text still can be constructed using the public key replacement attack. Finally, we point out the flaws in their schemes which our attack based on and proposed two corresponding enhanced schemes. In additional, we show that another Identity-Based Multi-Signcryption Scheme proposed by MENG Tao et al. in 2007 is insecure against the key replacement attack as well. In their scheme, an active attacker can replace the signcrypter';s public key and forge a valid cipher text to pass the examination of the receiver without the knowledge of the signcrypter';s private key. we discuss the flaws which lead to our attack succeeding to forge the valid cipher text and add the corresponding solution at last.

• 出版日期2012