On the Security of a Non-Interactive Authenticated Key Agreement over Mobile Communication Networks

Citation

Yau, Wei Chuen and Yap, Wun She and Chin, Ji Jian (2021) On the Security of a Non-Interactive Authenticated Key Agreement over Mobile Communication Networks. Malaysian Journal of Mathematical Sciences, 15(S). pp. 77-89. ISSN 1823-8343

[img] Text
S2021_J327.pdf
Restricted to Repository staff only

Download (1MB)

Abstract

Setting up a common secret key for communications between two parties over insecure mobile communication networks is important for many network applications. Previously, Wu and Lin proposed a non-interactive authenticated key agreement over mobile communication networks with security proofs assuming the Bilinear Diffie-Hellman problem is hard. Wu and Lin scheme is unique as the users do not need to interact at all in sharing a secret key. Besides, their scheme will at least achieve trust level of 2, where the system authority will not know the user secret keys since self-certified cryptography is used. In this paper, we demonstrate that any malicious outsider can break the security of Wu and Lin's scheme by impersonating any one of the party using public key replacement attack. Besides, we show that the system authority can easily recover all the user secret keys which contradicts with the concept of self-certified cryptography. Lastly, if the secret key shared between two parties or one of the party's private key had been compromised, the same two users can no longer communicate in the future since the same secret key will be derived and shared forever. This violates the property of forward secrecy, a property that must be provided for a key agreement scheme.

Item Type: Article
Uncontrolled Keywords: key agreement, security analysis, attacks, communication networks and applications
Subjects: H Social Sciences > HD Industries. Land use. Labor > HD28-70 Management. Industrial Management > HD30.2 Electronic data processing. Information technology. Including artificial intelligence and knowledge management
Divisions: Faculty of Computing and Informatics (FCI)
Depositing User: Ms Nurul Iqtiani Ahmad
Date Deposited: 21 Feb 2022 04:43
Last Modified: 21 Feb 2022 04:43
URII: http://shdl.mmu.edu.my/id/eprint/9972

Downloads

Downloads per month over past year

View ItemEdit (login required)