Comments on the security of Chen’s authenticated encryption scheme

Chen (Computers and Electrical Engineering, vol. 30, 2004) illustrated that Tseng et al.’s authenticated encryption schemes, with message linkages for message flows, do not achieve their claimed integrity and authenticity properties. Furthermore, Chen presented some modified schemes to repair these flaws. In this paper, we show that the modified schemes proposed by Chen are not secure. In particular, we present an attack that allows a dishonest referee, in case of a dispute, to decrypt all the future and past authenticated ciphertext between the contended parties. We also present a simple fix to prevent this attack.