Attack and improvement of the recent identity-based encryption with authorized equivalence test in cluster computing

Recently, Elhabob et al. proposed an identity-based encryption with authorized equivalence test (IBE-AET), which allows authorized testers to check whether messages in two ciphertexts are the same or not under the identity-based setting (Cluster Computing, 2020). This paper looks into the security and correctness of their IBE-AET construction. More specifically, contrary to the security claim in the original paper, we point out that their proposed scheme cannot achieve the indistinguishability under adaptively chosen identity and ciphertext attacks (IND-ID-CCA2) for adversaries who do not have authorization. In terms of the correctness of the scheme, we also identify that their type-4 authorization does not work correctly. Finally, we remedy their construction in order that it satisfies the IND-ID-CCA2 security with the rigorous security proof as well as the type-4 authorization works correctly.