Cryptanalysis and improvement of the Tzeng–Hwang authenticated encryption scheme based on elliptic curve discrete logarithm problem

摘要

Recently, Tzeng and Hwang proposed an authenticated encryption scheme based on elliptic curve discrete logarithm problem. In such a scheme, the signer can sign a message for a designated verifier and only the designated verifier can retrieve and verify the message from the generated signature. This paper, however, will demonstrate an attack on the Tzeng–Hwang scheme that an adversary intercepting any signature transmitted between the signer and the designated verifier can recover the corresponding signed message, provided that one verified message is released. Finally, we improve the Tzeng–Hwang scheme to counter the proposed attack and achieve the security requirements of an authenticated encryption scheme.