无证书体制下的多接收者签密密钥封装机制

无证书签密密钥封装机制(CLSC-KEM)与数据封装机制共同构成无证书混合签密方案。该文提出一个新的概念:无证书体制下的多接收者签密密钥封装机制(mCLSC-KEM)。给出了mCLSC-KEM的定义以及安全模型，并构造了一个具体的方案。该方案比一般性构造(对每个接收者分别运行CLSC-KEM)高效很多，其密钥封装仅需计算1个双线性对，且对应的数据封装仅需运行1次对称加密，而一般性构造需计算n个双线性对和n次数据封装(设n个接收者)。在随机预言模型下，基于Gap双线性Diffie-Hellman问题，该文的方案是可证明安全的。

Certificateless Signcryption KEM to Multiple Recipients

Certificateless signcryption key encapsulation mechanism (CLSC-KEM), combined with a data encapsulation mechanism, is used to construct certificateless hybrid signcryption . This paper introduces a new concept: certificateless signcryption KEM to multiple recipients (mCLSC-KEM). The definition and the security models are given for this new primitive, and a concrete mCLSC-KEM scheme is presented. This scheme is much more efficient than the generic construction, for it needs to compute only one pairing during key encapsulation and one symmetric encryption during data encapsulation, in contrast to n pairings and n symmetric encryptions for the generic scheme. Our scheme is provably secure in the random oracle model, under the hardness assumption of the Gap-BDH problem.