Title: On the security of two improved authenticated encryption schemes

Authors: Mohamed Rasslan; Heba K. Aslan

Addresses: Informatics Department, Electronics Research Institute, Cairo, Egypt; Informatics Department, Electronics Research Institute, Cairo, Egypt

Abstract: Authenticated encryption schemes are cryptographic primitives that are used to simultaneously protect the confidentiality and authenticity of communications. In 2003, Tseng et al. proposed two efficient authenticated encryption schemes with message linkages for message flows. Two years later, Zhang et al. pointed out that these two schemes lack the non-repudiation property and presented a new authenticated encryption scheme to surmount these weaknesses. In 2006, Hwang et al. presented another forgery attack against the original schemes and proposed some modified schemes to repair these flaws. In this paper, we show that the new authenticated encryption scheme proposed by Zhang et al. does not satisfy its claimed non-repudiation and authentication properties. We also present an attack against Hwang et al.'s scheme that allows a dishonest referee to decrypt all future and past authenticated ciphertexts exchanged between the contending parties. Furthermore, we present a simple fix to prevent these attacks.

Keywords: authenticated encryption; confidentiality; authenticity; cryptanalysis; cryptography; authentication; security.

DOI: 10.1504/IJSN.2013.058112

International Journal of Security and Networks, 2013 Vol.8 No.4, pp.194 - 199

Received: 12 Oct 2012
Accepted: 08 Jan 2013

Published online: 08 Dec 2013
