TY - JOUR
T1 - Cryptanalysis of Lee-Kim-Yoo password-based key agreement scheme
AU - Kwon, Jeoung Ok
AU - Hwang, Jung Yeon
AU - Kim, Changwook
AU - Lee, Dong Hoon
N1 - Funding Information:
This research was supported by the MIC (Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Assessment).
PY - 2005/9/15
Y1 - 2005/9/15
N2 - Recently, Lee et al. [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Lee and Lee's authenticated key agreement scheme, Appl. Math. Comput., in press] showed that the Lee-Lee password-based authenticated key agreement scheme [N.Y. Lee, M.F. Lee, Further improvement on the modified authenticated key agreement scheme, Appl. Math. Comput. 157 (2004) 729-733] is vulnerable to an off-line dictionary attack and proposed an improved scheme. In this paper, we show that Lee et al.'s scheme is not only incomplete, i.e., two parties running the protocol may fail to end up with a common session key, but also still vulnerable to an off-line dictionary attack: an adversary can confirm the correctness of a guessed password by checking whether the scheme's flows lie in the expected domain (for example, whether a flow is an element of GF(n) or not). The main reason for these security breaches is that the scheme's flows are constructed using two different types of group operations. Finally, we suggest a simple counter-measure to overcome the problems.
AB - Recently, Lee et al. [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Lee and Lee's authenticated key agreement scheme, Appl. Math. Comput., in press] showed that the Lee-Lee password-based authenticated key agreement scheme [N.Y. Lee, M.F. Lee, Further improvement on the modified authenticated key agreement scheme, Appl. Math. Comput. 157 (2004) 729-733] is vulnerable to an off-line dictionary attack and proposed an improved scheme. In this paper, we show that Lee et al.'s scheme is not only incomplete, i.e., two parties running the protocol may fail to end up with a common session key, but also still vulnerable to an off-line dictionary attack: an adversary can confirm the correctness of a guessed password by checking whether the scheme's flows lie in the expected domain (for example, whether a flow is an element of GF(n) or not). The main reason for these security breaches is that the scheme's flows are constructed using two different types of group operations. Finally, we suggest a simple counter-measure to overcome the problems.
KW - Cryptography
KW - Dictionary attacks
KW - Password-based key exchange
UR - http://www.scopus.com/inward/record.url?scp=26044435697&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=26044435697&partnerID=8YFLogxK
U2 - 10.1016/j.amc.2004.09.024
DO - 10.1016/j.amc.2004.09.024
M3 - Article
AN - SCOPUS:26044435697
SN - 0096-3003
VL - 168
SP - 858
EP - 865
JO - Applied Mathematics and Computation
JF - Applied Mathematics and Computation
IS - 2
ER -
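The domain-check dictionary attack and the single-group counter-measure sketched in the abstract above, as an added worked example. This is not code from the paper and does not reproduce the Lee-Kim-Yoo scheme: the toy group parameters P, Q, G, the attacker dictionary, the unsalted SHA-256 password digest and both masking schemes are constructed here purely to show the mechanism. Scheme A masks a mod-P group element with the password by plain integer addition (two different operations, as the abstract criticises); Scheme B keeps the mask inside the group, so unmasking with any guess yields a valid group element and the domain check leaks nothing.

```python
"""Domain-check (partition) dictionary attack on password-masked key-agreement flows.

Added worked example; not code from the paper or the Lee-Kim-Yoo scheme. Both
toy schemes are constructed here to mirror the abstract's point: when a flow
mixes a mod-p group operation with a plain integer operation, an eavesdropper
can test a password guess off-line by unmasking the flow with the guess and
checking whether the result lies in the expected domain.
"""
import hashlib
import secrets

# Constructed toy group: safe prime P = 2Q + 1; G = 4 is a square, so it
# generates the order-Q subgroup of GF(P)*. Far too small for real use.
P = 1019
Q = (P - 1) // 2
G = 4

# Constructed attacker dictionary and the victim's real password (assumptions).
DICTIONARY = [f"password{i}" for i in range(64)]
TRUE_PW = "password17"


def pw_digest(pw: str) -> int:
    """Password-derived integer in [0, P). Toy KDF (unsalted SHA-256), an assumption."""
    return int.from_bytes(hashlib.sha256(pw.encode()).digest(), "big") % P


def in_group(x: int) -> bool:
    """True iff x is an element of the order-Q subgroup of GF(P)* (Euler's criterion)."""
    return 1 <= x <= P - 1 and pow(x, Q, P) == 1


# Scheme A (flawed): the group element is masked by INTEGER addition. The flow
# may exceed P - 1, and unmasking with a wrong guess usually lands outside the
# subgroup, which is exactly the domain check the abstract describes.
def mask_mixed(x: int, pw: str) -> int:
    return x + pw_digest(pw)


def unmask_mixed(flow: int, pw: str) -> int:
    return flow - pw_digest(pw)


# Scheme B (counter-measure): mask by multiplying with G^H(pw) mod P, so the
# flow and every candidate unmasking are group elements; the check never fails.
def mask_group(x: int, pw: str) -> int:
    return x * pow(G, pw_digest(pw), P) % P


def unmask_group(flow: int, pw: str) -> int:
    return flow * pow(pow(G, pw_digest(pw), P), -1, P) % P


def send_flow(pw: str, mask) -> int:
    """Honest initiator: fresh exponent a in [1, Q-1], X = G^a mod P, masked with pw."""
    a = secrets.randbelow(Q - 1) + 1
    return mask(pow(G, a, P), pw)


def partition_attack(flows, dictionary, unmask):
    """Off-line attack: after each observed flow, keep only the guesses whose
    unmasking of that flow is a valid group element. Each flow partitions
    the dictionary; the true password always survives."""
    survivors = set(dictionary)
    for flow in flows:
        survivors = {pw for pw in survivors if in_group(unmask(flow, pw))}
    return survivors


def demo(n_flows: int = 40):
    """Eavesdrop n_flows runs of each scheme and return the surviving guesses."""
    flows_mixed = [send_flow(TRUE_PW, mask_mixed) for _ in range(n_flows)]
    flows_group = [send_flow(TRUE_PW, mask_group) for _ in range(n_flows)]
    return (partition_attack(flows_mixed, DICTIONARY, unmask_mixed),
            partition_attack(flows_group, DICTIONARY, unmask_group))


if __name__ == "__main__":
    mixed, fixed = demo()
    print("mixed-operation scheme, surviving guesses:", sorted(mixed))
    print("single-group scheme, surviving guesses:", len(fixed), "of", len(DICTIONARY))
```

Against Scheme A a wrong guess survives each flow with probability roughly one half (the unmasked value must fall back into [1, P-1] and be a square), so a few dozen eavesdropped runs isolate the password, or at worst the guesses sharing its digest. Against Scheme B every guess unmasks to a square mod P, so the same test never eliminates anything; the only way to distinguish guesses is on-line, one protocol run per guess.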