ETRI Journal

Electronics and Telecommunications Research Institute (한국전자통신연구원)
권호 표지
DOI QR코드

DOI QR Code

Cryptanalysis of an Authenticated Key Agreement Protocol for Wireless Mobile Communications

  • He, Debiao (School of Mathematics and Statistics, Wuhan University)
  • Received : 2011.07.31
  • Accepted : 2011.11.30
  • Published : 2012.06.01
Download PDF
⟨ Previous Next ⟩

Abstract

With the rapid progress of wireless mobile communications, the authenticated key agreement (AKA) protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing AKA protocols are not suitable for wireless mobile communications. Recently, Lo and others presented an efficient AKA protocol based on elliptic curve cryptography and included their protocol in 3GPP2 specifications. However, in this letter, we point out that Lo and others' protocol is vulnerable to an offline password guessing attack. To resist the attack, we also propose an efficient countermeasure.

Keywords

References

  1. 1] A.-F. Sui et al., "An Improved Authenticated Key Agreement Protocol with Perfect Forward Secrecy for Wireless Mobile Communication," IEEE Wireless Commun. Netw. Conf., vol. 4, 2005, pp. 2088-2093.
  2. R. Lu, Z. Cao, and H. Zhu, "An Enhanced Authenticated Key Agreement Protocol for Wireless Mobile Communication," Comput. Stds. Interfaces, vol. 29, 2007, pp. 647-652. https://doi.org/10.1016/j.csi.2007.04.002
  3. C.-C. Chang and S.-C. Chang, "An Improved Authentication Key Agreement Protocol Based on Elliptic Curve For Wireless Mobile Networks," Int. Conf. Intell. Info. Hiding Multimedia Signal Process., 2008, pp. 1375-1378.
  4. J.-W. Lo, C.-C. Lee, and M.-S. Hwang, "A Secure and Efficient ECC-based AKA Protocol for Wireless Mobile Communications," Int. J. Innovative Comput., Info. Control, vol. 6, no. 11, 2010, pp. 5249-5258.

Cited by

  1. Cryptanalysis and Improvement of an Anonymous Authentication Protocol for Wireless Access Networks vol.74, pp.2, 2012, https://doi.org/10.1007/s11277-013-1282-x
  2. An ID‐based mutual authentication with key agreement protocol for multiserver environment on elliptic curve cryptosystem vol.27, pp.8, 2014, https://doi.org/10.1002/dac.2405
  3. An efficient password-based three-party authenticated multiple key exchange protocol for wireless mobile networks vol.70, pp.1, 2012, https://doi.org/10.1007/s11227-014-1198-6
  4. A Provably Secure ID-Based Mutual Authentication and Key Agreement Scheme for Mobile Multi-Server Environment Without ESL Attack vol.79, pp.3, 2014, https://doi.org/10.1007/s11277-014-1968-8
  5. On the security of a dynamic identity‐based remote user authentication scheme with verifiable password update vol.28, pp.5, 2012, https://doi.org/10.1002/dac.2708