We revisit the two-party identity-based authenticated key agreement protocol (2P-IDAKA) and its variant resistant to key-compromise impersonation due to McCullagh & Barreto (2005). Protocol 2P-IDAKA carries a proof of security in the Bellare & Rogaway (1993) model. In this paper, we demonstrated why both the protocol and its variant are not secure if the adversary is allowed to send a Reveal query to reveal non-partner players who had accepted the same session key (i.e., termed key-replicating attack in recent work of Krawczyk (2005)). We also demonstrate that both protocols do not achieve the key integrity property, first discussed by Janson & Tsudik (1995).
為了持續優化網站功能與使用者體驗,本網站將Cookies分析技術用於網站營運、分析和個人化服務之目的。
若您繼續瀏覽本網站,即表示您同意本網站使用Cookies。