The author shows that the IDAK key agreement protocol is secure in the Bellare-Rogaway model with random oracles and also provides an ad-hoc security proof claiming that the IDAK protocol is not vulnerable to key-compromise impersonation (KCI) attacks.
In this report, we claim that the IDAK protocol is vulnerable to key-compromise impersonation attacks. Indeed, Wang's results are valid only for a passive adversary that can corrupt parties or reveal certain session-specific data but is not allowed to manipulate protocol transcripts; a model considering this type of adversary is unable to afford KCI resilience.
Category / Keywords: cryptographic protocols
Date: received 8 Nov 2013, last revised 8 Nov 2013, withdrawn 15 Nov 2013
Contact author: strangio at mat uniroma3 it
Available format(s): (-- withdrawn --)
Version: 20131115:112304
Short URL: ia.cr/2013/733