Cryptanalysis and further improvement of Peinado’s improved LHL-key authentication scheme

摘要

In 2004, Peinado pointed out that LHL-key authentication scheme is not secure as the intruder can obtain the private key of the users. For enhancing the security, Peinado proposed an improved LHL-key authentication scheme. However, in this paper, we will show that Peinado’s improved LHL-key authentication scheme is still vulnerable to public key substitution attack, i.e., an intruder can substitute a fake public key for the genuine one. And then, we propose a further improved LHL-key authentication scheme resistant to public key substitution attack.