Paper 2012/725

Cryptanalysis of an efficient certificateless two-party authenticated key agreement protocol

Qingfeng Cheng

Abstract

Recently, He et al. (Computers and Mathematics with Applications, 2012, 64(6): 1914-1926) proposed a new efficient certificateless two-party authenticated key agreement protocol. They claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. In this paper, we will show that their protocol is insecure. A type I adversary, who obtains one party's ephemeral private key, can impersonate the party to cheat the other party and compute the shared session key successfully. For overcoming this weakness, we also propose a simple countermeasure.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
AuthenticationCertificateless cryptographyKey agreementTwo-partyEphemeral key compromise attackKey replacement attack
Contact author(s)
qingfengc2008 @ sina com
History
2012-12-28: received
Short URL
https://ia.cr/2012/725
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/725,
      author = {Qingfeng Cheng},
      title = {Cryptanalysis of an efficient certificateless two-party authenticated key agreement protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2012/725},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/725}},
      url = {https://eprint.iacr.org/2012/725}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.