Petersen and Michels showed that Zheng's signcryption schemes lose confiden
tiality to gain nonrepudiation. They also proposed another signcryption sch
eme modified from a signature scheme giving message recovery. The authors s
how that the Petersen-Michels scheme still violates the unforgeability prop
erty, and propose an improvement that overcomes the security leak inherent
in the scheme. The improvement is as efficient as previous signcryption sch
emes with respect to both the computational cost and the communication over
head.