Main Menu

    Cryptanalysis of a provably secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement protocol of CANS ’09

    Citation

    Yau, Wei-Chuen and Phan, Raphael C. -W. and Goi, Bok-Min and Heng, Swee-Huay (2011) Cryptanalysis of a provably secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement protocol of CANS ’09. In: Cryptology and Network Security. Lecture Notes in Computer Science (7092). Springer Berlin Heidelberg, pp. 172-184. ISBN 978-3-642-25512-0

    [img] Text
    27.pdf
    Restricted to Repository staff only
    Download (246kB)

    Abstract

    In this paper, we cryptanalyze the recent smart card based client-to-client password-authenticated key agreement (C2C-PAKA-SC) protocol for cross-realm settings proposed at CANS ’09. While client-to-client password-authenticated key exchange (C2C-PAKE) protocols exist in literature, what is interesting about this one is that it is the only such protocol claimed to offer security against password compromise impersonation without depending on public-key cryptography, and is one of the few C2C-PAKE protocols with provable security that has not been cryptanalyzed. We present three impersonation attacks on this protocol; the first two are easier to mount than the designer-considered password compromise impersonation. Our results are the first known cryptanalysis results on C2C-PAKA-SC.

    Item Type: Book Section
    Subjects: T Technology > T Technology (General)
    Divisions: Faculty of Information Science and Technology (FIST)
    Depositing User: Ms Rosnani Abd Wahab
    Date Deposited: 15 Jan 2014 02:20
    Last Modified: 15 Jan 2014 02:20
    URII: http://shdl.mmu.edu.my/id/eprint/4839

    Downloads

    Downloads per month over past year

    View ItemEdit (login required)

    MMU Institutional Repository is powered by EPrints | Siti Hasmah Digital Library | Multimedia University