Paper 2012/027

Breaking the provably secure SAKE-C authenticated key exchange protocol with Extended Key Compromise Impersonation (E-KCI) Attack

Ali Mackvandi, Maryam Saeed, and Mansour Naddafiun

Abstract

Authenticated Key Exchange (AKE) protocols are those protocols that allow two or more entities to concur with a common session key in an authentic manner in which this key is used to encrypt the proceeding communications. In 2010, Zhao et al. proposed Provably Secure Authenticated Key Exchange Protocol under the CDH Assumption (referred to as SAKE and SAKE-C). Despite the fact that the security of the proposed protocol is proved in the formal model, due to not considering all the prerequisite queries in defining and designing formal security model, in this letter it is shown that the so-called secure protocol is vulnerable to Extended Key Compromise Impersonation (E-KCI) attack so that this attack is a practicable flaw that was signaled by Tang et al. for the first time in 2011. Unfortunately, it is conspicuously perspicuous that most of the AKE and PAKE protocols are vulnerable to E-KCI attack which is a new-introduced flaw in this field, because even one of the most famous, secure, and efficient PAKE protocols such as the 3-pass HMQV protocol suffers from this vulnerability.