Cryptology ePrint Archive: Report 2020/839

Cryptanalysis of a ``Strengthened'' Key Exchange Protocol for IoT, or When SAKE$^+$ Turns Out to Be SAKE$^-$

Loïc Ferreira

Abstract: In this paper we make an extensive analysis of SAKE$^+$ and SAKE$^+$-AM, two key exchange protocols. We show that several attacks are practicable against these protocols. This invalidates several claims made by the authors regarding the (security) properties of their protocols. Our results question also the correctness of the corresponding security proofs, made in the computational model (using the game-based methodology), and with the ProVerif verification tool.

Category / Keywords: cryptographic protocols / Authenticated key agreement, Cryptanalysis

Date: received 7 Jul 2020, last revised 4 Aug 2020

Contact author: loic ferreira at orange com

Available format(s): PDF | BibTeX Citation

Note: Minor changes

Version: 20200804:080259 (All versions of this report)

Short URL: ia.cr/2020/839