Cryptology ePrint Archive: Report 2008/248

Cryptanalysis of a client-to-client password-authenticated key agreement protocol

Fengjiao Wang and Yuqing Zhang

Abstract: Recently, Byun et al. proposed an efficient client-to-client password-authenticated key agreement protocol (EC2C-PAKA), which was provably secure in a formally defined security model. This letter shows that EC2C-PAKA protocol is vulnerable to password compromise impersonate attack and man-in-the-middle attack if the key between servers is compromised.

Category / Keywords: cryptographic protocols /

Date: received 1 Jun 2008

Contact author: wangfj at nipc org cn

Available format(s): PDF | BibTeX Citation

Version: 20080603:012432 (All versions of this report)

Short URL: ia.cr/2008/248

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]