Comments on “Circuit ciphertext-policy attribute-based hybrid encryption with verifiable delegation”

Attribute-based encryption (ABE) with outsourced decryption not only allows fine-grained and versatile sharing of encrypted data, but also largely mitigates the decryption overhead and the ciphertext size in the standard ABE schemes. Very recently, Xu et al. (2016) [3] proposed a hybrid ciphertext-policy ABE with verifiable outsourced decryption in which the authors claimed that the correctness of the outsourced decryption can be verified by the user. Unfortunately, after carefully revisiting the scheme, we found that Xu et al.'s scheme is not secure against forgery attack, hence, a security vulnerability appears. Our proposed attack demonstrates that anyone can forge or tamper a valid ciphertext with a different message to replace the original ciphertext the user intends to decrypt.