You are looking at a specific version 20121228:170851 of this paper. See the latest version.

Paper 2012/725

Cryptanalysis of an efficient certificateless two-party authenticated key agreement protocol

Qingfeng Cheng

Abstract

Recently, He et al. (Computers and Mathematics with Applications, 2012, 64(6): 1914-1926) proposed a new efficient certificateless two-party authenticated key agreement protocol. They claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. In this paper, we will show that their protocol is insecure. A type I adversary, who obtains one party's ephemeral private key, can impersonate the party to cheat the other party and compute the shared session key successfully. For overcoming this weakness, we also propose a simple countermeasure.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
AuthenticationCertificateless cryptographyKey agreementTwo-partyEphemeral key compromise attackKey replacement attack
Contact author(s)
qingfengc2008 @ sina com
History
2012-12-28: received
Short URL
https://ia.cr/2012/725
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.