Cryptanalysis of Lee–Kim–Yoo password-based key agreement scheme
Abstract
Recently, Lee et al. [S.W. Lee, H.S. Kim, K.Y. Yoo, Improvement of Lee and Lee's authenticated key agreement scheme, Appl. Math. Comput., in press] showed that the Lee–Lee password-based authenticated key agreement scheme [N.Y. Lee, M.F. Lee, Further improvement on the modified authenticated key agreement scheme, Appl. Math. Comput. 157 (2004) 729–733] is vulnerable to an off-line dictionary attack and proposed an improved scheme. In this paper, we show that Lee et al.'s scheme is not only incomplete, i.e., two parties running the protocol may fail to derive the same session key, but is also still vulnerable to an off-line dictionary attack: an adversary can confirm the correctness of a guessed password by checking whether the scheme's flows lie in the expected domain (for example, whether a flow is an element of GF(n) or not). The main reason for these security breaches is that the scheme's flows are constructed using two different types of group operations. Finally, we suggest a simple counter-measure to overcome the problems.
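The following Python toy is an added illustration of the membership test the abstract describes; it is not code from the paper and does not reproduce the Lee–Kim–Yoo flows. It assumes a constructed prime P, base G and password digest: a flow that adds an integer password digest to a GF(P) exponentiation lets an observer discard password candidates that push the flow outside the field, while the counter-measure of keeping every operation inside one group leaves every candidate consistent.

```python
import hashlib
import secrets

# Toy parameters (constructed assumptions, not the paper's): a prime modulus P and
# a base G coprime to P. G need not generate all of GF(P)* for this illustration.
P = 2**127 - 1
G = 5

def pw_digest(password: str) -> int:
    # 128-bit integer from the password, deliberately NOT reduced mod P, so it can
    # exceed P - 1 (it lives in the integers, not in GF(P)).
    return int.from_bytes(hashlib.sha256(password.encode()).digest()[:16], "big")

def flawed_flow(x: int, password: str) -> int:
    # Mixes two group operations: G^x is a GF(P)* element, the digest is added as
    # a plain integer. The sum is not reduced, so it may fall outside [1, P-1].
    return pow(G, x, P) + pw_digest(password)

def fixed_flow(x: int, password: str) -> int:
    # Counter-measure: keep everything in one group. The password value is mapped
    # into GF(P)* and multiplied mod P, so every flow is a valid field element.
    pw_elem = pw_digest(password) % (P - 1) + 1      # in [1, P-1]
    return (pow(G, x, P) * pw_elem) % P

def guess_consistent_flawed(flow: int, guess: str) -> bool:
    # Off-line membership test: if `guess` were the password, flow - digest would
    # have to be G^x mod P, an element of GF(P)*, i.e. in [1, P-1].
    return 1 <= flow - pw_digest(guess) <= P - 1

def guess_consistent_fixed(flow: int, guess: str) -> bool:
    # Same test against the fixed flow: flow * pw_elem^-1 mod P is always in
    # GF(P)*, so every candidate passes and the test partitions nothing.
    pw_elem = pw_digest(guess) % (P - 1) + 1
    return 1 <= (flow * pow(pw_elem, -1, P)) % P <= P - 1

def surviving_guesses(flows, candidates, consistent):
    # Candidates that pass the membership test for every observed flow.
    return [c for c in candidates if all(consistent(f, c) for f in flows)]

if __name__ == "__main__":
    real = "correct horse"                               # constructed sample
    cands = [real] + [f"guess-{i}" for i in range(40)]   # constructed dictionary
    xs = [secrets.randbelow(P - 2) + 1 for _ in range(5)]
    for name, flow_fn, test in (("flawed", flawed_flow, guess_consistent_flawed),
                                ("fixed", fixed_flow, guess_consistent_fixed)):
        flows = [flow_fn(x, real) for x in xs]
        kept = surviving_guesses(flows, cands, test)
        print(f"{name}: {len(kept)} of {len(cands)} candidates still consistent")
```

Each additional observed session shrinks the surviving set under the flawed flow, whereas the fixed flow never rejects a candidate, which is exactly the property a password-based scheme needs against off-line guessing.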
Keywords: Cryptography, Password-based key exchange, Dictionary attacks
Publication history: Available online 24 November 2004.
DOI: https://doi.org/10.1016/j.amc.2004.09.024