Wei Yuan, Liang Hu, Hongtu Li, Kuo Zhao, Jiang-feng Chu, Yuyu Sun
2011 International Conference on Network Computing and Information Security, published 2011-05-14. DOI: 10.1109/NCIS.2011.147 (https://doi.org/10.1109/NCIS.2011.147)
Key Replicating Attack on an Identity-Based Three-Party Authenticated Key Agreement Protocol
In 2009, Mengbo Hou and Qiuliang Xu found a key replicating attack, in the BR93 security model, on a certificateless two-party authenticated key agreement protocol proposed by Y.J. Shi and J.H. Li. In 2010, Marko Hölbl, Tatjana Welzer and Boštjan Brumen proposed a one-round identity-based three-party authenticated key agreement protocol using pairings, called IDAK3-P1, and declared that the protocol had the attributes of known-key security, forward secrecy, key-compromise impersonation resilience, unknown key-share resilience and key control. In this paper, we make a systematic analysis of IDAK3-P1 and find that it has a structure similar to that of Y.J. Shi and J.H. Li's protocol. We apply Mengbo Hou and Qiuliang Xu's attack method to identify the vulnerability of IDAK3-P1. Our analysis shows that IDAK3-P1 is vulnerable to the key replicating attack in the BR model. Therefore, it does not possess the security attributes of implicit key authentication and key control as declared.