Comments on two schemes of identity-based user authentication and key agreement for mobile client-server networks

被引:4
|
作者
Shi, Run-hua [1 ]
Zhong, Hong [1 ]
Zhang, Shun [1 ]
机构
[1] Anhui Univ, Sch Comp Sci & Technol, Hefei 230601, Peoples R China
来源
JOURNAL OF SUPERCOMPUTING | 2015年 / 71卷 / 11期
基金
中国国家自然科学基金;
关键词
Authentication; Key agreement; Elliptic curve cryptography; Client-server network;
D O I
10.1007/s11227-015-1496-7
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In recent papers (J Supercomput 66(2):973-988, 2013; J Supercomput 69(1):395-411, 2014), the authors presented two efficient identity-based authenticated key agreement schemes for mobile client-server networks, respectively. In this letter, we show that there is a serious security flaw in the user registration phase of the two schemes: any authorized user can impersonate the server to generate an effective private key of any other user. We then present a suggestion to overcome the problem without losing any good features of the original schemes.
引用
收藏
页码:4015 / 4018
页数:4
相关论文
共 50 条
  • [21] Chaotic Chebyshev Polynomials Based Remote User Authentication Scheme in Client-Server Environment
    Toan-Thinh Truong
    Minh-Triet Tran
    Anh-Duc Duong
    Echizen, Isao
    ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, 2015, 455 : 479 - 494
  • [22] Comments on IMBAS: identity-based multi-user broadcast authentication in wireless sensor networks
    Chien, Hung-Yu
    Lee, Chin-I
    Wu, Tzong-Chen
    SECURITY AND COMMUNICATION NETWORKS, 2013, 6 (08) : 993 - 998
  • [23] An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks
    Xu, Jing
    Zhu, Wen-Tao
    Feng, Deng-Guo
    COMPUTER COMMUNICATIONS, 2011, 34 (03) : 319 - 325
  • [24] Two improved two-party identity-based authenticated key agreement protocols
    Holbl, Marko
    Welzer, Tatjana
    COMPUTER STANDARDS & INTERFACES, 2009, 31 (06) : 1056 - 1060
  • [25] An Extended Multi-Server-Based User Authentication and Key Agreement Scheme with User Anonymity
    Li, Chun-Ta
    Lee, Cheng-Chi
    Weng, Chi-Yao
    Fan, Chun-I
    KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2013, 7 (01): : 119 - 131
  • [26] A V2V Identity Authentication and Key Agreement Scheme Based on Identity-Based Cryptograph
    Li, Qiang
    FUTURE INTERNET, 2023, 15 (01):
  • [27] Cryptanalysis of Two Dynamic Identity Based Authentication Schemes for Multi-Server Architecture
    Wan Tao
    Jiang Nan
    Ma Jianfeng
    CHINA COMMUNICATIONS, 2014, 11 (11) : 125 - 134
  • [28] AN IDENTITY-BASED KEY AGREEMENT SCHEME FOR LARGE SCALE SENSOR NETWORKS
    Yang Lijun
    Wu Meng
    Ding Chao
    JournalofElectronics(China), 2013, 30 (06) : 574 - 586
  • [29] A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks
    SK Hafizul Islam
    G. P. Biswas
    annals of telecommunications - annales des télécommunications, 2012, 67 : 547 - 558
  • [30] A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks
    Islam, S. K. Hafizul
    Biswas, G. P.
    ANNALS OF TELECOMMUNICATIONS, 2012, 67 (11-12) : 547 - 558
12345