Analysis of improved signcryption scheme with key privacy

In this paper, we analyse the Yang–Wong–Deng signcryption scheme [G. Yang, D.S. Wong, X. Deng, Analysis and improvement of a signcryption scheme with key privacy, in: Information Security Conference—ISC'05, in: Lecture Notes in Comput. Sci., vol. 3650, Springer-Verlag, Berlin, 2005, pp. 218–232] proposed in ISC'05, which is the improvement and enhancement of the security of Libert–Quisquater signcryption scheme [B. Libert, J.J. Quisquater, Efficient signcryption with key privacy from gap Diffie–Hellman groups, in: Public Key Cryptography—PKC'04, in: Lecture Notes in Comput. Sci., vol. 2947, Springer-Verlag, Berlin, 2004, pp. 187–200]. Although Yang et al. [G. Yang, D.S. Wong, X. Deng, Analysis and improvement of a signcryption scheme with key privacy, in: Information Security Conference—ISC'05, in: Lecture Notes in Comput. Sci., vol. 3650, Springer-Verlag, Berlin, 2005, pp. 218–232] proved that their scheme is secure against adaptive chosen ciphertext attacks and achieves ciphertext anonymity (which is also called key privacy) in the random oracle model; we disprove all their claims and show that their scheme is not semantically secure and does not achieve ciphertext anonymity.