Abstract:Certificateless signcryption key encapsulation mechanism (CLSC-KEM), combined with a data encapsulation mechanism, is used to construct certificateless hybrid signcryption . This paper introduces a new concept: certificateless signcryption KEM to multiple recipients (mCLSC-KEM). The definition and the security models are given for this new primitive, and a concrete mCLSC-KEM scheme is presented. This scheme is much more efficient than the generic construction, for it needs to compute only one pairing during key encapsulation and one symmetric encryption during data encapsulation, in contrast to n pairings and n symmetric encryptions for the generic scheme. Our scheme is provably secure in the random oracle model, under the hardness assumption of the Gap-BDH problem.