On the Security of Identity Based Threshold Unsigncryption Schemes
Signcryption is a cryptographic primitive that provides confidentiality and authenticity simultaneously at a cost significantly lower than that of the naive combination of encrypting and signing the message. Threshold signcryption is used when a message to be sent needs the authentication of a certain number of members in an organisation, and until and unless a given number of members (known as the threshold) join the signcyption process, a particular message cannot be signcrypted. Threshold unsigncryption is used when this constraint is applicable during the unsigncryption process. In this paper, the authors cryptanalyze two threshold unsigncryption schemes. They show that both these schemes do not meet the stringent requirements of insider security and propose attacks on both confidentiality and unforgeability.