Cryptanalysis and improvement of an encryption scheme that uses elliptic curves over finite fields

In this paper, we cryptanalyzed a recently proposed encryption scheme that uses elliptic curves over a finite field. The security of the proposed scheme depends upon the elliptic curve discrete logarithm problem. Two secret keys are used to increase the security strength of the scheme as compared to traditionally used schemes that are based on one secret key. In this scheme, if an adversary gets one secret key then he is unable to get the contents of the original message without the second secret key. Our analysis shows that the proposed scheme is not secure and unable to provide the basic security requirements of the encryption scheme. Due to our successful cryptanalysis, an adversary can get the contents of the original message without the knowledge of the secret keys of the receiver. To mount the attack, Mallory first gets the transmitted ciphertext and then uses public keys of the receiver and global parameters of the scheme to recover the associated plaintext message. To overcome the security flaws, we introduced an improved version of the scheme.