关键词: 签密，广播签密，基于身份的密码，可证明安全

Abstract: A novel identity based broadcast signeryption scheme was proposed to satisfy the diversity and changeability of the current data transmission environment, and guarantee the confidentiality and authority of the transferred information using the integration of the broadcast encryption, the identity-based cryptography and the signcryption. By means of this scheme, taking the various arithmetic operation such as hash, ring add and bilinear pairing et al. , the size of ciphertext is equal to the number of the receiver adding one, and the size of public or private key keeps constant. Simultaneously, the process of signcryption or unsigncryption needs not bilinear pairing operation with high computational cost and storage cost The detailed proof of security shows that the proposed scheme is not only to be IDN-CCA2 secure under the weak I3CDH problem but also to be existentially unforgeable under the EF-ACMA of PSG proposed by Paterson. Furthermore, the proposed scheme is efficient and practical at performance.

Key words: Signcryption, Broadcast signcryption, Identity based cryptography, Provably secure