Open AccessOn the security of Kim et al . two ID‐based broadcast signcryption schemes
Author(s) -
Zhang Jianhong,
Tang Wenjing
Publication year - 2014
Publication title -
security and communication networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.446
H-Index - 43
eISSN - 1939-0122
pISSN - 1939-0114
DOI - 10.1002/sec.1099
Subject(s) - signcryption , computer science , ciphertext , broadcast encryption , encryption , computer security , confidentiality , authenticated encryption , authentication (law) , computer network , semantic security , public key cryptography , attribute based encryption
Abstract As a combination of broadcast encryption and signcryption, broadcast signcryption enables a broadcaster to simultaneously achieve encryption and signature for a specific set of receivers in a single logical step. And it can provide a very efficient solution to achieve confidentiality and authentication of message source during information distribution. Recently, to achieve both confidentiality and authenticity simultaneously, Kim et al . proposed two source‐authenticated broadcast encryption schemes and claimed that their two schemes could provide both authentication and confidentiality simultaneously. Despite being proven to secure, their schemes are shown to be insecure in this paper, namely, they cannot achieve authentication and confidentiality of message. An attacker can forge a ciphertext and convince a specified receiver that the ciphertext is from a valid broadcaster. 3 After the corresponding attacks are given, the reasons to produce such attacks are analyzed at last. Copyright © 2014 John Wiley & Sons, Ltd.