Abstract
Recently, Luo et al. proposed an efficient hierarchical identity based encryption (HIBE) scheme with constant size of ciphertexts, and proved its full security under standard assumptions. To construct the scheme, they used the dual system encryption technique of Waters, and devised a method that compresses the tag values of dual system encryption. In this paper, we show that the security proof of Luo et al. is wrong since there exists an algorithm that distinguishes whether it is a simulation or not.