Cryptanalysis of an identity‐based authenticated key exchange protocol |
| |
| Authors: | Younes Hatri Ayoub Otmani Kenza Guenda |
| |
| Affiliation: | 1. Université des Sciences et de la Technologie Houari Boumediene, Bab Ezzouar, Algeria;2. Normandie Univ, UR, LITIS, Mont‐Saint‐Aignan, France;3. Faculty of Engineering University of Victoria P.O. Box 1700 STN CSC V8W 2Y2, CANADA |
| |
| Abstract: | Authenticated key exchange protocols represent an important cryptographic mechanism that enables several parties to communicate securely over an open network. Elashry, Mu, and Susilo proposed an identity‐based authenticated key exchange (IBAKE) protocol where different parties establish secure communication by means of their public identities.The authors also introduced a new security notion for IBAKE protocols called resiliency, that is, if the secret shared key is compromised, the entities can generate another shared secret key without establishing a new session between them. They then claimed that their IBAKE protocol satisfies this security notion. We analyze the security of their protocol and prove that it has a major security flaw, which renders it insecure against an impersonation attack. We also disprove the resiliency property of their scheme by proposing an attack where an adversary can compute any shared secret key if just one secret bit is leaked. |
| |
| Keywords: | authenticated key exchange cryptanalysis identity‐based cryptography quadratic residuosity assumption |
|
|
