Recently two encryption schemes were proposed by combining circular bit shift and XOR operations, under the control of a pseudorandom bit sequence (PRBS) generated from a chaotic system. This paper studies the security of these two encryption schemes and reports the following findings: 1) there exist some security defects in both schemes; 2) the underlying chaotic PRBS can be reconstructed as an equivalent key by using only two chosen plaintexts; 3) most elements in the underlying chaotic PRBS can be obtained by a differential known-plaintext attack using only two known plaintexts. Experimental results are given to demonstrate the feasibility of the proposed attack.