Recently, Dario Fiore and Rosario Gennaro proposed the IB-KA protocol, which was inspired by the MQV protocol. They provide a full proof of security of the IB-KA protocol using techniques developed by Krawczyk in the Canetti-Krawczyk model. They designed the IB-KA protocol to have security properties such as perfect forward secrecy, reflection attack resilience, and key compromise impersonation resilience. However, they did not consider the ephemeral key compromise problem in the design of the IB-KA protocol, and gave no analysis of whether the protocol can resist ephemeral key compromise attacks. In this paper, we present an ephemeral key compromise attack on the IB-KA protocol. Our work shows that the IB-KA protocol was designed without ephemeral key compromise resilience.