Paper 2024/1244

A Note on ``Three-Factor Anonymous Authentication and Key Agreement Based on Fuzzy Biological Extraction for Industrial Internet of Things''

Zhengjun Cao
Lihua Liu
Abstract

We show that the key agreement scheme [IEEE Trans. Serv. Comput. 16(4): 3000-3013, 2023] fails to keep user anonymity, not as claimed. The scheme simply acknowledges that user anonymity is equivalent to preventing user's identity from being recovered. But the true anonymity means that the adversary cannot attribute different sessions to target users. It relates to entity-distinguishable, not just identity-revealable. To the best of our knowledge, it is the first time to clarify the explicit signification of user anonymity.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Key agreementanonymitymutual authenticationentity-distinguishableidentity-revealable
Contact author(s)
liulh @ shmtu edu cn
History
2024-08-07: approved
2024-08-06: received
See all versions
Short URL
https://ia.cr/2024/1244
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2024/1244,
      author = {Zhengjun Cao and Lihua Liu},
      title = {A Note on ``Three-Factor Anonymous Authentication and Key Agreement Based on Fuzzy Biological Extraction for Industrial Internet of Things''},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1244},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1244}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.