Cryptanalysis of a provably secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement protocol of CANS ’09

Citation

Yau, Wei-Chuen and Phan, Raphael C. -W. and Goi, Bok-Min and Heng, Swee-Huay (2011) Cryptanalysis of a provably secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement protocol of CANS ’09. In: Cryptology and Network Security. Lecture Notes in Computer Science (7092). Springer Berlin Heidelberg, pp. 172-184. ISBN 978-3-642-25512-0

[img] Text
27.pdf
Restricted to Repository staff only

Download (246kB)

Abstract

In this paper, we cryptanalyze the recent smart card based client-to-client password-authenticated key agreement (C2C-PAKA-SC) protocol for cross-realm settings proposed at CANS ’09. While client-to-client password-authenticated key exchange (C2C-PAKE) protocols exist in literature, what is interesting about this one is that it is the only such protocol claimed to offer security against password compromise impersonation without depending on public-key cryptography, and is one of the few C2C-PAKE protocols with provable security that has not been cryptanalyzed. We present three impersonation attacks on this protocol; the first two are easier to mount than the designer-considered password compromise impersonation. Our results are the first known cryptanalysis results on C2C-PAKA-SC.

Item Type: Book Section
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Information Science and Technology (FIST)
Depositing User: Ms Rosnani Abd Wahab
Date Deposited: 15 Jan 2014 02:20
Last Modified: 15 Jan 2014 02:20
URII: http://shdl.mmu.edu.my/id/eprint/4839

Downloads

Downloads per month over past year

View ItemEdit (login required)