International Association for Cryptologic Research

IACR News item: 28 December 2012

Qingfeng Cheng
ePrint Report
Recently, He et al. (Computers and Mathematics with Applications, 2012, 64(6): 1914-1926) proposed a new efficient certificateless two-party authenticated key agreement protocol. They claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. In this paper, we will show that their protocol is insecure. A type I adversary, who obtains one party's ephemeral private key, can impersonate the party to cheat the other party and compute the shared session key successfully. For overcoming this weakness, we also propose a simple countermeasure.
