Comments: Insider attack on Cheng et al.'s pairing-based tripartite key agreement protocols

Author

  • Hung-Yu Chien
Abstract

Recently, Cheng et al. proposed two tripartite key agreement protocols from pairings: one is certificate-based and the other is identity-based (ID-based). In this article, we show that the two schemes are vulnerable to the insider impersonation attack and the ID-based scheme even discloses the entities’ private keys. Solutions to this problem are discussed.


Similar resources

Pairing-Based One-Round Tripartite Key Agreement Protocols

Since Joux published the first pairing-based one-round tripartite key agreement protocol [12], many authenticated protocols have been proposed. However, most of them were soon broken or proved not to achieve some desirable security attributes. In this paper we present two protocol variants based on Shim [19] and Zhang et al.’s work [23]. As the formalized model of this kind of AK protocols is no...

An Enhanced One-Round Pairing-Based Tripartite Authenticated Key Agreement Protocol

A tripartite authenticated key agreement protocol is generally designed to accommodate the need of three specific entities in communicating over an open network with a shared secret key, which is used to preserve data confidentiality and integrity. Since Joux proposed the first pairing-based one-round tripartite key agreement protocol in 2000, numerous authenticated protocols have been proposed ...

Cryptanalysis of Al-Riyami-Paterson's Authenticated Three Party Key Agreement Protocols

Recently, Al-Riyami and Paterson [1] proposed four authenticated tripartite key agreement protocols which make use of Weil pairing. In this paper, we show that the protocols are insecure against the man-in-the-middle attack, key compromise impersonation attack and several known-key attacks.

Comments on a novel user authentication and key agreement scheme

In 2013, Sun et al. showed that the related works' authentication schemes proposed by [2-7] are vulnerable to an insider attack and fail to provide mutual authentication. These two attacks can be successfully plotted by an adversary, since the private key of the server can compute all the legal users’ private keys. They then proposed a new remote user authentication and key agreement scheme for...

Comments on Five Smart Card Based Password Authentication Protocols

In this paper, we use the ten security requirements proposed by Liao et al. for a smart card based authentication protocol to examine five recent works in this area. After analyses, we found that the protocols of Juang et al.'s, Hsiang et al.'s, Kim et al.'s, and Li et al.'s all suffer from offline password guessing attack if the smart card is lost, and the protocol of Xu et al.'s is subjected ...

Journal title:
  • IACR Cryptology ePrint Archive

Volume 2005  Issue 

Pages  -

Publication date 2005