Cryptanalysis of an authentication scheme using an identity based generalized signcryption

Abstract

Secure data transmission is a challenging issue in modern data communication. ID based generalized signcryption is a cost effective security primitive which provides authentication or confidentiality, or jointly confidentiality and authentication. Wei's proposed an ID based generalized signcryption scheme for authentication and confidentiality of big data in a standard model, claiming that their scheme holds the security of indistinguishability against adaptive chosen-ciphertext attacks and existential unforgeability against adaptive chosen message attacks. In this paper, we analyzedWei's scheme by launching security attacks on the scheme to check its validity. As a result, it became clear and proved that the master secret key generated in the scheme is compromisable. Similarly, the mentioned scheme does not hold the security of indistinguishability against adaptive chosen-ciphertext attacks and existential unforgeability against adaptive chosen message attacks. Consequently, Wei's schemes is prone to attacks and is insecure.