Paper 2024/1244
A Note on ``Three-Factor Anonymous Authentication and Key Agreement Based on Fuzzy Biological Extraction for Industrial Internet of Things''
Abstract
We show that the key agreement scheme [IEEE Trans. Serv. Comput. 16(4): 3000-3013, 2023] fails to keep user anonymity, not as claimed. The scheme simply acknowledges that user anonymity is equivalent to preventing user's identity from being recovered. But the true anonymity means that the adversary cannot attribute different sessions to target users. It relates to entity-distinguishable, not just identity-revealable. To the best of our knowledge, it is the first time to clarify the explicit signification of user anonymity.
Metadata
- Available format(s)
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Key agreementanonymitymutual authenticationentity-distinguishableidentity-revealable
- Contact author(s)
- liulh @ shmtu edu cn
- History
- 2024-08-07: approved
- 2024-08-06: received
- See all versions
- Short URL
- https://ia.cr/2024/1244
- License
-
CC0
BibTeX
@misc{cryptoeprint:2024/1244, author = {Zhengjun Cao and Lihua Liu}, title = {A Note on ``Three-Factor Anonymous Authentication and Key Agreement Based on Fuzzy Biological Extraction for Industrial Internet of Things''}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/1244}, year = {2024}, url = {https://eprint.iacr.org/2024/1244} }