On the Security of Certificateless Authenticated Key Agreement Protocol (CL-AK) for Grid Computing

Grid security infrastructure (GSI) provides an efficient mechanism to solve security problems using conventional public key infrastructure (PKI). The notion of certificateless public key cryptography gives another efficient cryptographic primitive to support Grid security services. In the recent wor...

Full description

Saved in:
Bibliographic Details
Main Authors: Mengbo Hou, Qiuliang Xu
Format: Conference Proceeding
Language:English
Subjects:
Authentication
certificateless-based cryptography
Computer science
Computer security
Cryptographic protocols
Data security
Grid computing
Grid security
Identity-based encryption
key agreement protocols
key compromise impersonation
key replicating attack
Protection
Public key
Public key cryptography
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Grid security infrastructure (GSI) provides an efficient mechanism to solve security problems using conventional public key infrastructure (PKI). The notion of certificateless public key cryptography gives another efficient cryptographic primitive to support Grid security services. In the recent work, Wang et al. proposed the first certificateless authentication and key agreement protocol (CL-AK) for Grid computing based on the Diffie-Hellman key agreement protocol and certificateless public key cryptography, which fits well with the GSI and provides a more lightweight key management approach for entity or data authentication and confidential protection. The authors declare that the protocol achieves many security goals. However, we found the scheme cannot withstand key compromise impersonation attack and key replicating attack, thus it doesn't possess some desirable security attributes, such as key compromise impersonation resilience and key integrity. We analyze the key replicating attack against the protocol in the BR93 security model in more detail.
ISSN:1949-131X
1949-1328
DOI:10.1109/ChinaGrid.2009.13