Cryptanalysis of Improved Liaw's Broadcasting Cryptosystem

A secure broadcasting cryptosystem must provide a secure communication channel from a sender to a group of legal or authorized receivers. Many of the proposed systems [3-5] require a large number of broadcast messages and present a number of problems. Moreover, Liaw [2] proposed a secure broadcasting scheme with fewer broadcasting messages, which allows easy insertion of new users into the active group. Later, Tseng and Jan [1] found several weaknesses in Liaw’s scheme and proposed a modification. The weaknesses detected in [1] allow intruders to obtain the master key by means of a conspiracy attack, thus breaking the security of the system. Moreover, Sun [7] proved that Liaw’s broadcasting cryptosystem cannot be operated because a very large amount of information (~2 bits) must be kept by each user and be sent for each broadcast. In the present paper, an inconsistency in the improvement proposed by Tseng and Jan in [1] is detected precluding its application. New attacks on the original and modified Liaw’s schemes [1, 2] are presented and a new modification is proposed which overcomes the conspiracy attack of Tseng and Jan. We also give our own cryptanalysis. This modification does not require keeping and broadcasting the very large amount of information pointed out in [7].