Sciweavers

FC
2010
Springer

On Robust Key Agreement Based on Public Key Authentication

14 years 4 months ago
On Robust Key Agreement Based on Public Key Authentication
—This paper discusses public-key authenticated key agreement protocols. First, we critically analyze several authenticated key agreement protocols and uncover various theoretical and practical flaws. In particular, we present two new attacks on the HMQV protocol, which is currently being standardized by IEEE P1363. The first attack presents a counterexample to invalidate the basic authentication in HMQV. The second attack is applicable to almost all past schemes, despite that many of them have formal security proofs. These attacks highlight the difficulty to design a crypto protocol correctly and suggest the caution one should always take. We further point out that many of the design errors are caused by sidestepping an important engineering principle, namely “Do not assume that a message you receive has a particular form (such as gr for known r) unless you can check this”. Constructions in the past generally resisted this principle on the grounds of efficiency: checking the ...
Feng Hao
Added 15 Aug 2010
Updated 15 Aug 2010
Type Conference
Year 2010
Where FC
Authors Feng Hao
Comments (0)