Title: On the security of two improved authenticated encryption schemes
Authors: Mohamed Rasslan; Heba K. Aslan
Addresses: Informatics Department, Electronics Research Institute, Cairo, Egypt; Informatics Department, Electronics Research Institute, Cairo, Egypt
Abstract: Authenticated encryption schemes are cryptographic primitives that are used to simultaneously protect the confidentiality and authenticity of communications. In 2003, Tseng et al. proposed two efficient authenticated encryption schemes with message linkages for message flows. Two years later, Zhang et al. pointed out that these two schemes lack the non-repudiation property and presented a new authenticated encryption scheme to surmount these weaknesses. In 2006, Hwang et al. presented another forgery attack against the original schemes and proposed some modified schemes to repair these flaws. In this paper, we show that the new authenticated encryption scheme proposed by Zhang et al. does not satisfy its claimed non-repudiation and authentication properties. We also present an attack against Hwang et al.'s scheme that allows a dishonest referee to decrypt all future and past authenticated ciphertexts between the contending parties. Furthermore, we present a simple fix to prevent these attacks.
Keywords: authenticated encryption; confidentiality; authenticity; cryptanalysis; cryptography; authentication; security.
International Journal of Security and Networks, 2013, Vol. 8, No. 4, pp. 194-199
Received: 12 Oct 2012
Accepted: 08 Jan 2013
Published online: 08 Dec 2013