Cryptanalysis of Chang-Chang-s EC-PAKA Protocol for Wireless Mobile Networks
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 33104
Cryptanalysis of Chang-Chang-s EC-PAKA Protocol for Wireless Mobile Networks

Authors: Hae-Soon Ahn, Eun-Jun Yoon

Abstract:

With the rapid development of wireless mobile communication, applications for mobile devices must focus on network security. In 2008, Chang-Chang proposed security improvements on the Lu et al.-s elliptic curve authentication key agreement protocol for wireless mobile networks. However, this paper shows that Chang- Chang-s improved protocol is still vulnerable to off-line password guessing attacks unlike their claims.

Keywords: Authentication, key agreement, wireless mobile networks, elliptic curve, password guessing attacks.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1076130

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1511

References:


[1] A. Sui, L. Hui, S. Yiu, K. Chow, W. Tsang, C. Chong, K. Pun, and H. Chan, An improved authenticated key agreement protocol with perfect forward secrecy for wireless mobile communication, IEEE Wireless Communications and Networking Conference (WCNC 2005), LA USA, pp. 2088-2093, 2005.
[2] N. Koblitz, Elliptic curve cryptosystems, Mathematics of Computation, vol. 48, pp. 203-209, 1987.
[3] V. S. Miller, Use of elliptic curves in cryptography, Proceedings of Advances in Cryptology Crypto-85, Lecture Notes in Computer Science, Springer, Berlin, vol. 128, pp. 417-426, 1985.
[4] R. Lu, Z. Cao, and H. Zhu, An enhance authentication key agreement protocol for wireless mobile communication, Computer Standards and Interfaces, vol. 29, pp. 647-652, 2007.
[5] C. C. Chang and S. C. Chang, An improved authentication key agreement protocol based on elliptic curve for wireless mobile networks, International Conference on IEEE Intelligent Information Hiding and Multimedia Signal Processing, vol. 1, pp. 1375-1378, 2008.
[6] H. S Kim and J. Y. Choi, Enhanced password-based simple three-party key exchange protocol, Computers & Electrical Engineering, vol. 35, pp. 107-114, 2009.
[7] Y. Ding and P. Horster, Undetectable on-line password guessing attacks, ACM Operating Systems Review, vol. 29, no. 4, pp. 77-86, 1995.
[8] H. J. Kim and E. J. Yoon, Cryptanalysis of an enhanced simple three-party key exchange protocol, Communications in Computer and Information Science, vol. 259, pp. 167-176, 2011.