Security analysis and improvement of a double-trapdoor encryption scheme

At Asia Crypt'03, Bresson et al. proposed a probabilistic public-key encryption scheme with a double-trapdoor decryption mechanism. In this paper, we provide security analysis of it, and point out three insecurities of the encryption scheme. It suffers from (adaptive) chosen ciphertext attacks (CCA) and can be broken in three different ways. By constructing proper ciphertexts, the adversary can calculate the user's private key or factorize the modulus after getting the decrypted plaintexts, so she can decrypt all the plaintexts encrypted under this encryption scheme. To overcome these insecurities, we suggest a simple method to improve the encryption scheme against active attacks and prevent the adversary from getting important or private information, and strengthen its security.