Abstract
This paper re-evaluates the security of a secure Lempel-Ziv-Welch (LZW) algorithm proposed at ICME'2008. A chosen-plaintext attack is proposed to break all ciphertext indices corresponding to single-symbol dictionary entries. For short plaintexts the chosen-plaintext attack works well because string-symbol strings appear very frequently. The number of required chosen plaintexts is at the order of the alphabet size. The complexity of the chosen-plaintext attack is O(ML), where M is the number of chosen plaintexts and L is the size of the ciphertext. The chosen-plaintext attack can also be generalized to chosen-ciphertext attack. In addition to the security problem, we point out that the secure LZW algorithm has a lower compression efficiency compared with the original LZW algorithm. Finally we propose several enhancements to the secure LZW algorithm under study.