On the Security of Convertible Multiauthenticated Encryption Scheme and Its Improved Scheme

Abstract Multi-authenticated encryption is an important message transmission technique, which can send message in a secure and authentic way, and allows a group of signers to cooperatively produce a valid authenticated ciphertext so that only the specific recipient can recover the message and verify the signature. In 2008, Wu et al. proposed a convertible multi-authenticated encryption scheme. However, Tsai et al. showed that the computational complexity of this scheme is rather high and the message redundancy is used. To improve the computational efficiency and remove the message redundancy, they proposed a new convertible multi-authenticated encryption scheme based on the intractability of one-way hash functions and discrete logarithms. In this paper, we show that Tsai et al.’s scheme is not secure against rogue-key attacks. To overcome such attack, we give an improved multi-authenticated encryption scheme by including two hash functions. And our improved scheme is the same efficiency as Tsai et.al.’s scheme.