|
|
|
|
cryptanalysis of two authenticated key agreement protocols in multi-server environments
|
|
|
|
|
|
|
|
نویسنده
|
jaberi mehrad ,mala hamid ,sadat madani marzieh
|
|
منبع
|
the isc international journal of information security - 2025 - دوره : 17 - شماره : 2 - صفحه:179 -187
|
|
چکیده
|
Today, the use of multi-server authenticated key agreement (maka) schemes has become widespread. in the multiserver authenticated key agreement, each entity registers with a registration server, and the key agreement takes place. after that, based on the desired applications, the user communicates with the application servers and he/she does not need to register with these service providers anymore. there are many protocols introduced for maka in different environments such as the 5g and cloud service environments, each one could assure some security features such as confidentiality, authentication and privacy. however, some of these schemes are vulnerable to different attacks. in the current paper, we first study two well-known maka schemes called the wang et al.’s protocol (wang et al., 2022) and the palit et al.’s protocol (palit et al., 2023) and then we propose a server spoofing attack on wang et al.’s protocol. on the other hand, we show that palit et al.’s protocol is vulnerable to dos and desynchronization attacks. we also propose some suggestions to make the schemes resistant to those attacks.
|
|
کلیدواژه
|
authentication ,denial of service ,desynchronization attack ,key agreement ,server spoofing attack
|
|
آدرس
|
university of isfahan, faculty of computer engineering, department of it engineering, iran, university of isfahan, faculty of computer engineering, department of it engineering, iran, university of isfahan, faculty of computer engineering, department of it engineering, iran
|
|
پست الکترونیکی
|
m.sadatmadani@eng.ui.ac.ir
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|