Security of robust generalized MQV key agreement protocol without using one-way hash functions
Authors: | Zuhua Shao |
Affiliation: | Department of Computer and Electronic Engineering, Zhejiang University of Science and Technology, No. 85, Xueyuan Road, Hangzhou, Zhejiang 310012, PR China |
Abstract: | The MQV key agreement protocol has been adopted by the IEEE P1363 Committee to become a standard, which uses a digital signature to sign the Diffie–Hellman public keys without using any one-way hash function. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two parties to establish multiple common secret keys in a single round of message exchange. However, the Harn–Lin protocol suffers from the known-key attack if all the secret keys established are adopted. Recently, Tseng proposed a new generalized MQV key agreement protocol without using one-way hash functions. Tseng claimed that the proposed protocol is robust since the new protocol can withstand the forgery attack and the known-key attack. In this paper we show that this protocol is not secure since the receiver can forge signatures. We also propose an improved authenticated multiple-key agreement protocol, which is secure against the forgery attack and the known-key attack. |
Keywords: | Cryptography; Key agreement protocol; Digital signature; One-way hash function; Forgery attack |
This article is indexed in ScienceDirect and other databases.