Public key versus symmetric key cryptography in client–server authentication protocols

Every month, several new protocols are popping up, comparing themselves with a few others and claiming to outperform the whole state of the art. The most popular domain of protocols is the one for authentication in a client–server architecture for which both symmetric key- and public key-based protocols are being proposed. The usage of public key-based mechanisms has several consequences, not only with respect to an increased computational and communication cost, but also with respect to increased possibilities to strengthen the protocol by making it resistant against a semi-trusted third party. On the other hand, we also recall that symmetric key-based protocols can already offer a nice set of security features. We see a trend in the current generation of papers published on public key-based client–server authentication protocols, showing that only a very limited amount of them really exploit the power that public key cryptography can offer with respect to this privacy towards a semi-trusted third party, and most of them do not even satisfy the same security features able to be also realised by a much more efficient symmetric key-based protocol. This paper serves as a warm wake-up call to all protocol designers to rethink the usage of more heavyweight constructions compared to symmetric key-based mechanisms in order to ensure that if they are used, they also fully exploit their inherent strength.