Two chosen-plaintext attacks on the Li-Wang joint authentication and encryption scheme
In [LW91], Li and Wang proposed a joint authentication and encryption scheme based on algebraic coding theory. They claimed that their scheme is as secure as the Rao-Nam scheme [RN89]. However, in contrast with their claim, it will be shown that this joint authentication and encryption scheme appears to be less secure. In this paper two inherently different chosen-plaintext attacks are presented.
The first attack is based on the linearity of the bit selection function, and obtains a k × n matrix equivalent to the encryption matrix in O(k) encryptions. If the set of error vectors kZ is randomly chosen, about |kZ| encryptions are necessary to obtain a corresponding set of error vectors. With knowledge of only r error vectors one can always encrypt and decrypt r·2^(2k−n) messages.
The second attack makes use of the non-linearity of the error function, and always obtains 2k − n rows of the encryption matrix after O(k²) encryptions. Thereafter, |kZ| encryptions are required to create a cryptosystem equivalent to the Li-Wang scheme.
Some extensions of the scheme are discussed, and a general question raised by Brickell and Odlyzko [BO88] related to the Rao-Nam scheme is settled in a negative way.
- [BO88] E.F. Brickell and A.M. Odlyzko, Cryptanalysis: A Survey of Recent Results, Proceedings of the IEEE, vol. 76, no. 5, pp. 578–593, May 1988.
- [KZYR89] Kencheng Zeng, C.H. Yang and T.R.N. Rao, On the Linear Consistency Test (LCT) in Cryptanalysis with Applications, Advances in Cryptology-CRYPTO'89, Lecture Notes in Computer Science 435, Springer-Verlag, pp. 164–174, 1989.
- [LW91] Y. Li and X. Wang, A Joint Authentication and Encryption Scheme Based on Algebraic Coding Theory, Applied Algebra, Algebraic Algorithms and Error-Correcting Codes (AAECC'9), Lecture Notes in Computer Science 539, Springer-Verlag, pp. 241–245, October 1991.
- [MS77] F.J. MacWilliams and N.J.A. Sloane, The Theory of Error-Correcting Codes, North-Holland Mathematical Library, Vol. 16, North-Holland, Amsterdam, 1977.
- [McEl78] R.J. McEliece, A Public-Key Cryptosystem Based on Algebraic Coding Theory, DSN Progress Report 42-44, Jet Propulsion Laboratory, Pasadena, pp. 114–116, January 1978.
- [Mass88] J.L. Massey, An Introduction to Contemporary Cryptology, Proceedings of the IEEE, vol. 76, no. 5, pp. 533–549, May 1988.
- [MT91a] J. Meijers and J. van Tilburg, On the Rao-Nam Private-Key Cryptosystem using Linear Codes, Proceedings 1991 IEEE-ISIT, p. 126, Budapest, Hungary, June 1991.
- [MT91b] J. Meijers and J. van Tilburg, Extended Majority Voting and Private-Key Algebraic-Code Encryptions, ASIACRYPT'91, Fujiyoshida, Japan, November 1991.
- [RN89] T.R.N. Rao and K.H. Nam, Private-Key Algebraic-Code Encryptions, IEEE Trans. Inform. Theory, vol. IT-35, no. 4, pp. 829–833, July 1989.
- [Simm88] G.J. Simmons, A Survey of Information Authentication, Proceedings of the IEEE, vol. 76, no. 5, pp. 603–620, May 1988.