Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol

Authenticated key agreement protocol is crucial in providing data confidentiality and integrity to subsequent communications among two or more parties over a public network. Certificateless public key cryptography (CL-PKC) combines the advantage of the identity-based public key cryptography (ID-PKC)...

Full description

Saved in:
Bibliographic Details
Main Authors: Mengbo Hou, Qiuliang Xu
Format: Conference Proceeding
Language:English
Subjects:
Authentication
certificateless-based cryptography
Computer science
Cryptographic protocols
Data privacy
identity-based cryptography
Identity-based encryption
implicit key authentication
Information processing
Information security
key agreement protocol
key replicating attack
Public key
Public key cryptography
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 577
container_issue
container_start_page 574
container_title
container_volume 2
creator Mengbo Hou
Qiuliang Xu
description Authenticated key agreement protocol is crucial in providing data confidentiality and integrity to subsequent communications among two or more parties over a public network. Certificateless public key cryptography (CL-PKC) combines the advantage of the identity-based public key cryptography (ID-PKC) and the traditional PKI. In 2007, Y.J Shi and J.H Li proposed a two-party authenticated key agreement protocol based on the certificateless encryption scheme proposed by B. Libert and J.J. Quisquater. It is found that the scheme is vulnerable to the key replicating attack (one form of the man-in-the-middle attack), so it doesnpsilat possess the security attribute of implicit key authentication and key control. We analyze such an attack of this protocol in the BR93 model in detail, and demonstrate that the protocol is not secure if the adversary is allowed to send a reveal query to reveal non-partner players who had accepted the same session key.
doi_str_mv 10.1109/APCIP.2009.277
format conference_proceeding
fullrecord <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_5197264</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>5197264</ieee_id><sourcerecordid>5197264</sourcerecordid><originalsourceid>FETCH-LOGICAL-i175t-4114ae7735542fcd04def3febcdb5dca8c5bc5e90f3f302c6a076019693d206e3</originalsourceid><addsrcrecordid>eNotjz1PwzAYhC2hSkCblYXFfyDhtR3b9RhFfFRUNEIwV479phjSpErM0H9PAkwnPac73RFywyBjDMxdUZWbKuMAJuNaX5DE6DVoZaRQxqgFuZ4tA4JxuCTJOH4CADNKcyauyMsznukrntrgbAzdgRYxWvdF-46WOMTQzBxbHEdafMcP7OIv8HTOFYcB8TgxWg197F3frsiise2Iyb8uyfvD_Vv5lG53j5uy2KaBaRnTnLHcotZCypw3zkPusREN1s7X0ju7drJ2Eg1MUAB3yk6H5tFGeA4KxZLc_vUGRNyfhnC0w3kvmdFc5eIHTllPnw</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Mengbo Hou ; Qiuliang Xu</creator><creatorcontrib>Mengbo Hou ; Qiuliang Xu</creatorcontrib><description>Authenticated key agreement protocol is crucial in providing data confidentiality and integrity to subsequent communications among two or more parties over a public network. Certificateless public key cryptography (CL-PKC) combines the advantage of the identity-based public key cryptography (ID-PKC) and the traditional PKI. In 2007, Y.J Shi and J.H Li proposed a two-party authenticated key agreement protocol based on the certificateless encryption scheme proposed by B. Libert and J.J. Quisquater. It is found that the scheme is vulnerable to the key replicating attack (one form of the man-in-the-middle attack), so it doesnpsilat possess the security attribute of implicit key authentication and key control. We analyze such an attack of this protocol in the BR93 model in detail, and demonstrate that the protocol is not secure if the adversary is allowed to send a reveal query to reveal non-partner players who had accepted the same session key.</description><identifier>ISBN: 9780769536996</identifier><identifier>ISBN: 0769536999</identifier><identifier>DOI: 10.1109/APCIP.2009.277</identifier><identifier>LCCN: 2009903120</identifier><language>eng</language><publisher>IEEE</publisher><subject>Authentication ; certificateless-based cryptography ; Computer science ; Cryptographic protocols ; Data privacy ; identity-based cryptography ; Identity-based encryption ; implicit key authentication ; Information processing ; Information security ; key agreement protocol ; key replicating attack ; Public key ; Public key cryptography</subject><ispartof>2009 Asia-Pacific Conference on Information Processing, 2009, Vol.2, p.574-577</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/5197264$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,2058,27925,54920</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/5197264$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Mengbo Hou</creatorcontrib><creatorcontrib>Qiuliang Xu</creatorcontrib><title>Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol</title><title>2009 Asia-Pacific Conference on Information Processing</title><addtitle>APCIP</addtitle><description>Authenticated key agreement protocol is crucial in providing data confidentiality and integrity to subsequent communications among two or more parties over a public network. Certificateless public key cryptography (CL-PKC) combines the advantage of the identity-based public key cryptography (ID-PKC) and the traditional PKI. In 2007, Y.J Shi and J.H Li proposed a two-party authenticated key agreement protocol based on the certificateless encryption scheme proposed by B. Libert and J.J. Quisquater. It is found that the scheme is vulnerable to the key replicating attack (one form of the man-in-the-middle attack), so it doesnpsilat possess the security attribute of implicit key authentication and key control. We analyze such an attack of this protocol in the BR93 model in detail, and demonstrate that the protocol is not secure if the adversary is allowed to send a reveal query to reveal non-partner players who had accepted the same session key.</description><subject>Authentication</subject><subject>certificateless-based cryptography</subject><subject>Computer science</subject><subject>Cryptographic protocols</subject><subject>Data privacy</subject><subject>identity-based cryptography</subject><subject>Identity-based encryption</subject><subject>implicit key authentication</subject><subject>Information processing</subject><subject>Information security</subject><subject>key agreement protocol</subject><subject>key replicating attack</subject><subject>Public key</subject><subject>Public key cryptography</subject><isbn>9780769536996</isbn><isbn>0769536999</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2009</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNotjz1PwzAYhC2hSkCblYXFfyDhtR3b9RhFfFRUNEIwV479phjSpErM0H9PAkwnPac73RFywyBjDMxdUZWbKuMAJuNaX5DE6DVoZaRQxqgFuZ4tA4JxuCTJOH4CADNKcyauyMsznukrntrgbAzdgRYxWvdF-46WOMTQzBxbHEdafMcP7OIv8HTOFYcB8TgxWg197F3frsiise2Iyb8uyfvD_Vv5lG53j5uy2KaBaRnTnLHcotZCypw3zkPusREN1s7X0ju7drJ2Eg1MUAB3yk6H5tFGeA4KxZLc_vUGRNyfhnC0w3kvmdFc5eIHTllPnw</recordid><startdate>200907</startdate><enddate>200907</enddate><creator>Mengbo Hou</creator><creator>Qiuliang Xu</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>200907</creationdate><title>Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol</title><author>Mengbo Hou ; Qiuliang Xu</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-i175t-4114ae7735542fcd04def3febcdb5dca8c5bc5e90f3f302c6a076019693d206e3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Authentication</topic><topic>certificateless-based cryptography</topic><topic>Computer science</topic><topic>Cryptographic protocols</topic><topic>Data privacy</topic><topic>identity-based cryptography</topic><topic>Identity-based encryption</topic><topic>implicit key authentication</topic><topic>Information processing</topic><topic>Information security</topic><topic>key agreement protocol</topic><topic>key replicating attack</topic><topic>Public key</topic><topic>Public key cryptography</topic><toplevel>online_resources</toplevel><creatorcontrib>Mengbo Hou</creatorcontrib><creatorcontrib>Qiuliang Xu</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mengbo Hou</au><au>Qiuliang Xu</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol</atitle><btitle>2009 Asia-Pacific Conference on Information Processing</btitle><stitle>APCIP</stitle><date>2009-07</date><risdate>2009</risdate><volume>2</volume><spage>574</spage><epage>577</epage><pages>574-577</pages><isbn>9780769536996</isbn><isbn>0769536999</isbn><abstract>Authenticated key agreement protocol is crucial in providing data confidentiality and integrity to subsequent communications among two or more parties over a public network. Certificateless public key cryptography (CL-PKC) combines the advantage of the identity-based public key cryptography (ID-PKC) and the traditional PKI. In 2007, Y.J Shi and J.H Li proposed a two-party authenticated key agreement protocol based on the certificateless encryption scheme proposed by B. Libert and J.J. Quisquater. It is found that the scheme is vulnerable to the key replicating attack (one form of the man-in-the-middle attack), so it doesnpsilat possess the security attribute of implicit key authentication and key control. We analyze such an attack of this protocol in the BR93 model in detail, and demonstrate that the protocol is not secure if the adversary is allowed to send a reveal query to reveal non-partner players who had accepted the same session key.</abstract><pub>IEEE</pub><doi>10.1109/APCIP.2009.277</doi><tpages>4</tpages></addata></record>
fulltext fulltext_linktorsrc
identifier ISBN: 9780769536996
ispartof 2009 Asia-Pacific Conference on Information Processing, 2009, Vol.2, p.574-577
issn
language eng
recordid cdi_ieee_primary_5197264
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Authentication
certificateless-based cryptography
Computer science
Cryptographic protocols
Data privacy
identity-based cryptography
Identity-based encryption
implicit key authentication
Information processing
Information security
key agreement protocol
key replicating attack
Public key
Public key cryptography
title Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T13%3A00%3A57IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Key%20Replicating%20Attack%20on%20Certificateless%20Authenticated%20Key%20Agreement%20Protocol&rft.btitle=2009%20Asia-Pacific%20Conference%20on%20Information%20Processing&rft.au=Mengbo%20Hou&rft.date=2009-07&rft.volume=2&rft.spage=574&rft.epage=577&rft.pages=574-577&rft.isbn=9780769536996&rft.isbn_list=0769536999&rft_id=info:doi/10.1109/APCIP.2009.277&rft_dat=%3Cieee_6IE%3E5197264%3C/ieee_6IE%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-i175t-4114ae7735542fcd04def3febcdb5dca8c5bc5e90f3f302c6a076019693d206e3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=5197264&rfr_iscdi=true