Comments on two schemes of identity-based user authentication and key agreement for mobile client-server networks

被引：5

作者：

Shi, Run-hua ^{[1
]}

Zhong, Hong ^{[1
]}

Zhang, Shun ^{[1
]}

机构：

[1] Anhui Univ, Sch Comp Sci & Technol, Hefei 230601, Peoples R China

来源：

JOURNAL OF SUPERCOMPUTING | 2015年 / 71卷 / 11期

基金：

中国国家自然科学基金;

关键词：

Authentication; Key agreement; Elliptic curve cryptography; Client-server network;

D O I：

10.1007/s11227-015-1496-7

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

In recent papers (J Supercomput 66(2):973-988, 2013; J Supercomput 69(1):395-411, 2014), the authors presented two efficient identity-based authenticated key agreement schemes for mobile client-server networks, respectively. In this letter, we show that there is a serious security flaw in the user registration phase of the two schemes: any authorized user can impersonate the server to generate an effective private key of any other user. We then present a suggestion to overcome the problem without losing any good features of the original schemes.

引用

页码：4015 / 4018

页数：4

共 50 条

[31] Identity-based Remote Authentication and Key Agreement Protocol with Anonymity
Zhang Jianjun
Wu Qiwu
PROCEEDINGS OF THE 1ST INTERNATIONAL WORKSHOP ON CLOUD COMPUTING AND INFORMATION SECURITY (CCIS 2013), 2013, 52 : 14 - 17
[32] Password-Based Group Key Agreement Protocol for Client-Server Application
LU Rongxing
WuhanUniversityJournalofNaturalSciences, 2006, (06) : 1701 - 1703
[33] A survey on key management of identity-based schemes in mobile Ad Hoc networks
Hu, L. (525108836@qq.com), 1600, Engineering and Technology Publishing (08)
[34] Modified Chen-Hwang identity-based conference key broadcast schemes with user authentication
Wang, CH
Hwang, T
COMPUTERS & SECURITY, 1997, 16 (04) : 339 - 344
[35] Modified Chen-Hwang identity-based conference key broadcast schemes with user authentication
Natl Cheng-Kung Univ, Tainan, Taiwan
Comput Secur, 4 (339-344):
[36] Chaotic Chebyshev Polynomials Based Remote User Authentication Scheme in Client-Server Environment
Toan-Thinh Truong
Minh-Triet Tran
Anh-Duc Duong
Echizen, Isao
ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, 2015, 455 : 479 - 494
[37] Comments on IMBAS: identity-based multi-user broadcast authentication in wireless sensor networks
Chien, Hung-Yu
Lee, Chin-I
Wu, Tzong-Chen
SECURITY AND COMMUNICATION NETWORKS, 2013, 6 (08) : 993 - 998
[38] Secure Certificateless-Based Authenticated Key Agreement Protocol in the Client-Server Setting
Hou Meng-bo
Xu Qiu-liang
2009 IEEE INTERNATIONAL SYMPOSIUM ON IT IN MEDICINE & EDUCATION, VOLS 1 AND 2, PROCEEDINGS, 2009, : 960 - 965
[39] A Provably Secure Identity-based Authentication Multiple Key Agreement Protocol
Tan Zuowen
CHINA COMMUNICATIONS, 2011, 8 (02) : 26 - 33
[40] Identity-based key agreement and encryption for wireless sensor networks
VEIGNER Christian
The Journal of China Universities of Posts and Telecommunications, 2006, (04) : 54 - 60

← 1 2 3 4 5 →