Fathi et al. recently proposed a leakage-resilient authenticated key exchange protocol for a server-client model in mobility environment over wireless links. In the paper, we address flaws in a hash function used in the protocol. The direct use of the hash function cannot guarantee the security of the protocol. We also point out that a combination of the hash function and the RSA cryptosystem in the protocol may not work securely. To remedy these problems, we improve upon the protocol by modifying the hash function correctly.
- E-residue attack
- Key exchange
- Off-line dictionary attack
ASJC Scopus subject areas
- Electrical and Electronic Engineering
- Computer Science Applications
- Applied Mathematics