Paper 2024/1411

Design issues of ``an anonymous authentication and key agreement protocol in smart living''

Zhengjun Cao
Lihua Liu
Abstract

The Li et al.'s scheme [Computer Communications, 186 (2022), 110-120)] uses XOR operation to realize the private transmission of sensitive information, under the assumption that if only one parameter in the expression $ a= b\oplus c $ is known, an adversary cannot retrieve the other two. The assumption neglects that the operands $b$ and $c$ must be of the same bit-length, which leads to the exposure of a substring in the longer operand. The scheme wrongly treats timestamps as random strings to encrypt a confidential parameter. These misuses result in the loss of sensor node's anonymity, the loss of user anonymity and untraceability, insecurity against off-line password guessing attack, and insecurity against impersonation attack. The analysis techniques developed in this note is helpful for the future works on designing such schemes.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
AuthenticationAnonymityKey agreementImpersonation attack
Contact author(s)
liulh @ shmtu edu cn
History
2024-09-11: approved
2024-09-10: received
See all versions
Short URL
https://ia.cr/2024/1411
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2024/1411,
      author = {Zhengjun Cao and Lihua Liu},
      title = {Design issues of ``an anonymous authentication and key agreement protocol in smart living''},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1411},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1411}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.