Cryptology ePrint Archive: Report 2016/1081

Attacks to a proxy-mediated key agreement protocol based on symmetric encryption

David Nuñez, Isaac Agudo, and Javier Lopez

Abstract: In this paper, we describe several attacks on the protocol by Nguyen et al. presented at ESORICS 2016, an authenticated key agreement protocol mediated by a proxy entity, restricted to symmetric encryption primitives only and intended for IoT environments. This protocol uses long-term weak secrets as intermediate values during the encryption and decryption procedures, which implies that these values can be used to encrypt and decrypt messages without knowing the corresponding secret keys. In our work, we show how access to the weak secrets breaks forward security and leads to key compromise impersonation attacks. Moreover, we demonstrate that this problem cannot be solved even if the affected user revokes his previous secret key and updates it to a new one. In addition, we explain how the choice of a keyed hash as part of the protocol makes it potentially vulnerable to length-extension attacks, depending on the choice of hash function. We illustrate this latter problem experimentally. Finally, we show how a combination of these exploits can be used to set up elaborate attack scenarios.

Category / Keywords: cryptographic protocols / key agreement; proxy re-encryption

Date: received 18 Nov 2016

Contact author: dnunez at lcc uma es


Version: 20161121:120854

Short URL: ia.cr/2016/1081
