Cryptanalysis of improved authenticated multiple-key agreement protocol without using conventional one-way function

摘要

Recently, Harn and Lin proposed a multiple-key agreement protocol without using conventional one-way function in a two-pass interaction. Yen and Joye pointed out that their protocol had a high probability vulnerable to suffer from the forgery attack. At the same time, Yen and Joye modified Harn and Lin's protocol to resist the above attack. Later, Wu et al. found Yen and Joye's protocol also existed the same weakness and improved Yen and Joye's protocol. In 2001, Yeh et al. explained Wu et al.'s improvement was not achieved Harn and Lin's requirements and proposed an improved method. Unfortunately, in 2004, Chien and Jan pointed out that Yeh et al.'s improvement was vulnerable to the impersonation attack. For enhancing the security and key utilization, Chien and Jan proposed an improved protocol. However, in this paper, we shall point out that Chien and Jan's improvement also exists the impersonation attack.