Analysis and improvement of an authenticated key exchange protocol for sensor networks

In 2003, Huang et al. proposed an authenticated key exchange protocol for secure communications between a sensor and a security manager in a self-organizing sensor network. The protocol is based on elliptic curve cryptography. In this letter, we show that a security manager will learn the long-term private key of a sensor after having one normal run of the protocol with the sensor. This contradicts some of their security claims. We explain why this is undesirable in practice and also propose an improvement which solves the problem and makes all of their security claims hold again.

[1] Colin Boyd, et al. Protocols for Authentication and Key Establishment, 2003, Information Security and Cryptography.

[2] Alfred Menezes, et al. Handbook of Applied Cryptography, 2018.

[3] Qiang Huang, et al. Fast authenticated key establishment protocols for self-organizing sensor networks, 2003, WSNA '03.

[4] Paul C. van Oorschot, et al. Authentication and authenticated key exchanges, 1992, Des. Codes Cryptogr.

[5] Moti Yung, et al. Systematic Design of Two-Party Authentication Protocols, 1991, CRYPTO.

[6] Alfred Menezes, et al. Elliptic curve public key cryptosystems, 1993, The Kluwer international series in engineering and computer science.