In 2011, Eissa, Razak and Ngadi proposed a lightweight authentication and encryption scheme to enhance the performance for mobile ad hoc network in Wireless Network, Vol. 17, No. 4, 2011. The main building block of such scheme is an identity-based encryption scheme. The scheme was proven secure in the random oracle model assuming the computational Diffie-Hellman assumption is hard. In this paper, we show that the proposed scheme is not even secure against chosen plaintext attack, which is the lowest acceptable level of security. In addition, we demonstrate the RSA parameter suggested by Eissa et al. to yield a better network performance is not appropriate under a wrong security assumption that each mobile node is totally trusted. Such short RSA parameter leads to a key recovery attack.
- Security analysis
- Wireless network