Analysis of One Scheme for User Authentication and Session Key Agreement in Wireless Sensor Network Using Smart Card

Zhengjun Cao; Lihua Liu

Paper 2024/1205

Analysis of One Scheme for User Authentication and Session Key Agreement in Wireless Sensor Network Using Smart Card

Zhengjun Cao

Lihua Liu

Abstract

We show that the Chunka-Banerjee-Goswami authentication and key agreement scheme [Wirel. Pers. Commun., 117, 1361-1385, 2021] fails to keep user anonymity, not as claimed. It only keeps pseudonymity. Anonymous actions are designed to be unlinkable to any entity, but pseudonymous actions can be traced back to a certain entity. We also find the scheme is insecure against offline dictionary attack.

Metadata

Available format(s): PDF
Category: Attacks and cryptanalysis
Publication info: Preprint.
Keywords: Key agreement Mutual authentication Anonymity Pseudonymity Offline dictionary attack
Contact author(s): liulh @ shmtu edu cn
History: 2024-07-29: approved; 2024-07-25: received; See all versions
Short URL: https://ia.cr/2024/1205
License: CC0

BibTeX

@misc{cryptoeprint:2024/1205,
      author = {Zhengjun Cao and Lihua Liu},
      title = {Analysis of One Scheme for User Authentication and Session Key Agreement in Wireless Sensor Network Using Smart Card},
      howpublished = {Cryptology ePrint Archive, Paper 2024/1205},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/1205}},
      url = {https://eprint.iacr.org/2024/1205}
}