A note on ``SCPUAK: smart card-based secure protocol for remote user authentication and key agreement''

Zhengjun Cao; Lihua Liu

Paper 2023/1671

A note on ``SCPUAK: smart card-based secure protocol for remote user authentication and key agreement''

Zhengjun Cao

Lihua Liu

Abstract

We show that the Cherbal-Benchetioui key agreement scheme [Comput. Electr. Eng., 109, 108759 (2023)] fails to keep user anonymity, not as claimed. The scheme simply thinks that user anonymity is equivalent to protecting the user's real identity. But the true anonymity means that the adversary cannot attribute different sessions to target entities, which relates to entity-distinguishable, not just identity-revealable.

Metadata

Available format(s): PDF
Category: Attacks and cryptanalysis
Publication info: Preprint.
Keywords: Authentication Anonymity Key agreement Internet of Things
Contact author(s): caozhj @ shu edu cn
liulh @ shmtu edu cn
History: 2023-10-30: approved; 2023-10-27: received; See all versions
Short URL: https://ia.cr/2023/1671
License: CC0

BibTeX

@misc{cryptoeprint:2023/1671,
      author = {Zhengjun Cao and Lihua Liu},
      title = {A note on ``SCPUAK: smart card-based secure protocol for remote user authentication and key agreement''},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1671},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1671}},
      url = {https://eprint.iacr.org/2023/1671}
}