On the Security of Hwang-Lo-Hsiao-Chu Authenticated Encryption Schemes

In 2006, Hwang et al. presented a forgery attack against Tseng et al.’s efficient authenticated encryption schemes with message linkages for message flows. Moreover, they proposed some modified schemes to repair these flaws. In this paper, we show that the improved authenticated encryption schemes proposed by Hwang et al. are insecure by presenting another attack that allows a dishonest referee, dealing with a dispute, to decrypt all the future and past authenticated ciphertext between the contending parties. This attack proves that Hwang et al.’s schemes contradict the forward and backward confidentiality requirements of authenticated encryption schemes.