2011 | OriginalPaper | Buchkapitel
Cryptanalysis of a Provably Secure Cross-Realm Client-to-Client Password-Authenticated Key Agreement Protocol of CANS ’09
verfasst von : Wei-Chuen Yau, Raphael C. -W. Phan, Bok-Min Goi, Swee-Huay Heng
Erschienen in: Cryptology and Network Security
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In this paper, we cryptanalyze the recent smart card based client-to-client password-authenticated key agreement (C2C-PAKA-SC) protocol for cross-realm settings proposed at CANS ’09. While client-to-client password-authenticated key exchange (C2C-PAKE) protocols exist in literature, what is interesting about this one is that it is the only such protocol claimed to offer security against password compromise impersonation without depending on public-key cryptography, and is one of the few C2C-PAKE protocols with provable security that has not been cryptanalyzed. We present three impersonation attacks on this protocol; the first two are easier to mount than the designer-considered password compromise impersonation. Our results are the first known cryptanalysis results on C2C-PAKA-SC.