Incrementally Executable Signcryptions

We present the concept of incrementally executable signcryptions, which is a generalization of traditional on-line/off-line signcryption and facilitates optimizing the sender’s off-line computation. With an incrementally executable signcryption scheme, the sender can activate signcryption process incrementally by its given sequential input: the sender’s key pair, a recipient’s public key, and a plaintext message to be sent to the recipient. Furthermore, we present an efficient generic construction of incrementally executable signcryption scheme. In our construction, the signing process can be done before being given the recipient’s public key as well as the message to be sent. This feature enables us to accelerate the subsequent processes. Moreover, our construction achieves the strongest security notions without relying on random oracles. In addition, it requires a weak assumption for the underlying signature scheme, i.e., the underlying signature scheme is sufficient to be unforgeable under generic chosen message attack. Furthermore, it supports the parallel un-signcryption feature, which allows receivers to perform two potentially expensive computations, i.e., the verification of off-line signature and the key-decapsulation, in parallel.