Comments on two schemes of identity-based user authentication and key agreement for mobile client-server networks

被引:5
|
作者
Shi, Run-hua [1 ]
Zhong, Hong [1 ]
Zhang, Shun [1 ]
机构
[1] Anhui Univ, Sch Comp Sci & Technol, Hefei 230601, Peoples R China
来源
JOURNAL OF SUPERCOMPUTING | 2015年 / 71卷 / 11期
基金
中国国家自然科学基金;
关键词
Authentication; Key agreement; Elliptic curve cryptography; Client-server network;
D O I
10.1007/s11227-015-1496-7
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In recent papers (J Supercomput 66(2):973-988, 2013; J Supercomput 69(1):395-411, 2014), the authors presented two efficient identity-based authenticated key agreement schemes for mobile client-server networks, respectively. In this letter, we show that there is a serious security flaw in the user registration phase of the two schemes: any authorized user can impersonate the server to generate an effective private key of any other user. We then present a suggestion to overcome the problem without losing any good features of the original schemes.
引用
收藏
页码:4015 / 4018
页数:4
相关论文
共 50 条
  • [1] Comments on two schemes of identity-based user authentication and key agreement for mobile client–server networks
    Run-hua Shi
    Hong Zhong
    Shun Zhang
    The Journal of Supercomputing, 2015, 71 : 4015 - 4018
  • [2] Comments on ID-Based Client Authentication with Key Agreement Protocol on ECC for Mobile Client-Server Environment
    Islam, S. K. Hafizul
    Biswas, G. P.
    ADVANCES IN COMPUTING AND COMMUNICATIONS, PT 2, 2011, 191 : 628 - 635
  • [3] A novel remote user authentication and key agreement scheme for mobile client-server environment
    Sun, Haiyan
    Wen, Qiaoyan
    Zhang, Hua
    Jin, Zhengping
    APPLIED MATHEMATICS & INFORMATION SCIENCES, 2013, 7 (04): : 1365 - 1374
  • [4] A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks
    Farash, Mohammad Sabzinejad
    Attari, Mahmoud Ahmadian
    JOURNAL OF SUPERCOMPUTING, 2014, 69 (01): : 395 - 411
  • [5] Remote user authentication and key agreement for mobile client-server environments on elliptic curve cryptography
    Mo, Jiaqing
    Hu, Zhongwang
    Lin, Yuhua
    JOURNAL OF SUPERCOMPUTING, 2018, 74 (11): : 5927 - 5943
  • [6] A heterogeneous user authentication and key establishment for mobile client-server environment
    Li, Fagen
    Wang, Jiye
    Zhou, Yuyang
    Jin, Chunhua
    Islam, S. K. Hafizul
    WIRELESS NETWORKS, 2020, 26 (02) : 913 - 924
  • [7] An efficient remote user authentication and key agreement protocol for mobile client-server environment from pairings
    He, Debiao
    AD HOC NETWORKS, 2012, 10 (06) : 1009 - 1016
  • [8] A New Mutual Authentication and Key Agreement Protocol for Mobile Client-Server Environment
    Tsobdjou, Loic D.
    Pierre, Samuel
    Quintero, Alejandro
    IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2021, 18 (02): : 1275 - 1286
  • [9] An efficient user authentication and key exchange protocol for mobile client-server environment
    Wu, Tsu-Yang
    Tseng, Yuh-Min
    COMPUTER NETWORKS, 2010, 54 (09) : 1520 - 1530
  • [10] A multibiometric cryptosystem for user authentication in client-server networks
    Babamir, Faezeh Sadat
    Kirci, Murvet
    COMPUTER NETWORKS, 2020, 181
12345