Comments on two schemes of identity-based user authentication and key agreement for mobile client-server networks

被引:5
|
作者
Shi, Run-hua [1 ]
Zhong, Hong [1 ]
Zhang, Shun [1 ]
机构
[1] Anhui Univ, Sch Comp Sci & Technol, Hefei 230601, Peoples R China
来源
JOURNAL OF SUPERCOMPUTING | 2015年 / 71卷 / 11期
基金
中国国家自然科学基金;
关键词
Authentication; Key agreement; Elliptic curve cryptography; Client-server network;
D O I
10.1007/s11227-015-1496-7
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In recent papers (J Supercomput 66(2):973-988, 2013; J Supercomput 69(1):395-411, 2014), the authors presented two efficient identity-based authenticated key agreement schemes for mobile client-server networks, respectively. In this letter, we show that there is a serious security flaw in the user registration phase of the two schemes: any authorized user can impersonate the server to generate an effective private key of any other user. We then present a suggestion to overcome the problem without losing any good features of the original schemes.
引用
收藏
页码:4015 / 4018
页数:4
相关论文
共 50 条
  • [21] An efficient certificateless user authentication and key exchange protocol for client-server environment
    Hassan, Alzubair
    Eltayieb, Nabeil
    Elhabob, Rashad
    Li, Fagen
    JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING, 2018, 9 (06) : 1713 - 1727
  • [22] An efficient certificateless user authentication and key exchange protocol for client-server environment
    Alzubair Hassan
    Nabeil Eltayieb
    Rashad Elhabob
    Fagen Li
    Journal of Ambient Intelligence and Humanized Computing, 2018, 9 : 1713 - 1727
  • [23] A Provably Secure Certificateless User Authentication Protocol for Mobile Client-Server Environment
    Hassan, Alzubair
    Eltayieb, Nabeil
    Elhabob, Rashad
    Li, Fagen
    ADVANCES IN INTERNETWORKING, DATA & WEB TECHNOLOGIES, EIDWT-2017, 2018, 6 : 592 - 602
  • [24] An ameliorated two-factor anonymous key exchange authentication protocol for mobile client-server environment
    Mahmood, Khalid
    Naqvi, Husnain
    Alzahrani, Bander A.
    Mehmood, Zahid
    Irshad, Azeem
    Chaudhry, Shehzad Ashraf
    INTERNATIONAL JOURNAL OF COMMUNICATION SYSTEMS, 2018, 31 (18)
  • [25] A heterogeneous user authentication and key establishment for mobile client–server environment
    Fagen Li
    Jiye Wang
    Yuyang Zhou
    Chunhua Jin
    SK Hafizul Islam
    Wireless Networks, 2020, 26 : 913 - 924
  • [26] A Two-Party Identity-Based Key Agreement Protocol with Explicit Authentication
    Yang, Haomin
    Zhang, Yaoxue
    Zhou, Yuezhi
    2012 INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING (WICOM), 2012,
  • [27] Key revocation for identity-based schemes in mobile ad hoc networks
    Hoeper, Katrin
    Gong, Guang
    AD-HOC, MOBILE, AND WIRELESS NETWORKS, PROCEEDINGS, 2006, 4104 : 224 - 237
  • [28] Identity authentication and key agreement schemes for ad hoc networks
    Al-Fayoumi, Mohammad A.
    Aboud, Sattar J.
    Journal of Applied Sciences, 2007, 7 (12) : 1638 - 1642
  • [29] Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity
    Hassan, Alzubair
    Omala, Anyembe Andrew
    Ali, Mohamed
    Jin, Chunhua
    Li, Fagen
    MOBILE NETWORKS & APPLICATIONS, 2019, 24 (03): : 890 - 902
  • [30] Identity-Based User Authenticated Key Agreement Protocol for Multi-Server Environment with Anonymity
    Alzubair Hassan
    Anyembe Andrew Omala
    Mohamed Ali
    Chunhua Jin
    Fagen Li
    Mobile Networks and Applications, 2019, 24 : 890 - 902
12345