Paper 2008/248

Cryptanalysis of a client-to-client password-authenticated key agreement protocol

Fengjiao Wang and Yuqing Zhang

Abstract

Recently, Byun et al. proposed an efficient client-to-client password-authenticated key agreement protocol (EC2C-PAKA), which was provably secure in a formally defined security model. This letter shows that EC2C-PAKA protocol is vulnerable to password compromise impersonate attack and man-in-the-middle attack if the key between servers is compromised.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
wangfj @ nipc org cn
History
2008-06-03: received
Short URL
https://ia.cr/2008/248
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/248,
      author = {Fengjiao Wang and Yuqing Zhang},
      title = {Cryptanalysis of a client-to-client password-authenticated key agreement protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2008/248},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/248}},
      url = {https://eprint.iacr.org/2008/248}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.