In this paper, we show that the Zhao-Liu authenticated encryption scheme is vulnerable to a universal forgery attack. This one malicious verifier is able to use previous signatures to forge the signer's authenticated encryption signature on any message. Two simple methods are presented to withstand this attack. One method also additionally provides the convertible property in the Zhao-Liu authenticated encryption scheme, which allows the verifier to convert the signature into an ordinary one. The converted signature can be verified by anyone, without revealing his/her secret key.
|Number of pages||6|
|Journal||International Journal of Innovative Computing, Information and Control|
|Publication status||Published - 2009 Oct 1|
All Science Journal Classification (ASJC) codes
- Theoretical Computer Science
- Information Systems
- Computational Theory and Mathematics