Ephemeral key compromise attack on the IB-KA protocol
نویسندگان
چکیده
Recently, Dario Fiore and Rosario Gennaro proposed the IB-KA protocol, which was inspired by MQV protocol. They provide a full proof of security of IB-KA protocol using techniques developed by Krawczyk in the Canetti-Krawczyk model. They designed the IB-KA protocol with some security properties such as perfect forward secrecy, reflection attack resilience, and key compromise impersonation resilience. But they didn’t consider ephemeral key compromise problem in the design of IB-KA protocol, and made no analysis whether the IB-KA protocol can resist ephemeral key compromise attacks. In this paper, we present ephemeral key compromise attack on the the IB-KA protocol. Our work shows that the IB-KA protocol is designed without ephemeral key compromise resilience.
منابع مشابه
Cryptanalysis of an Identity-Based Multiple Key Agreement Scheme
Multiple key agreement (MKA) protocols allow two parties to generate two or more session keys in one session, which will be used for future secure communications in public network. In recent years, many MKA protocols have been proposed. However, most of them do not consider ephemeral key compromise resilience, and some of them still exists security flaws. In this paper, we analyze the scheme pr...
متن کاملSecurity Analysis of a Pairing-free Identity-based Authenticated Group Key Agreement Protocol for Imbalanced Mobile Networks
Recently, Isalam and Biswas proposed a new group key agreement (GKA) protocol for imbalanced mobile networks. In this letter, we will first prove that Isalam and Biswas’s GKA protocol cannot provide perfect forward secrecy. Then we will point out that their GKA protocol is vulnerable to ephemeral key compromise attack.
متن کاملA Small Subgroup Attack for Recovering Ephemeral Keys in Chang and Chang Password Key Exchange Protocol
Three-party authenticated key exchange protocol is an important cryptographic technique in the secure communication areas. Recently Chang and Chang proposed a novel three party simple key exchange protocol and claimed the protocol is secure, efficient and practical. Unless their claim, a key recovery attack is proposed on the above protocol by recovering the ephemeral keys. One way of recoverin...
متن کاملOn reusing ephemeral keys in Diffie-Hellman key agreement protocols
A party may choose to reuse ephemeral public keys in a Diffie-Hellman key agreement protocol in order to reduce its computational workload or to mitigate against denial-of-service attacks. In this note we highlight the danger of reusing ephemeral keys if domain parameters are not appropriately selected or if public keys are not appropriately validated.
متن کاملSolving the Discrete Logarithm Problem for Ephemeral Keys in Chang and Chang Password Key Exchange Protocol
The present study investigates the difficulty of solving the mathematical problem, namely the DLP (Discrete Logarithm Problem) for ephemeral keys. The DLP is the basis for many public key cryptosystems. The ephemeral keys are used in such systems to ensure security. The DLP defined on a prime field p Z * of random prime is considered in the present study. The most effective method to solve the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009