Title | ||
---|---|---|
Comments on two schemes of identity-based user authentication and key agreement for mobile client---server networks |
Abstract | ||
---|---|---|
In recent papers (J Supercomput 66(2):973---988, 2013; J Supercomput 69(1):395---411, 2014), the authors presented two efficient identity-based authenticated key agreement schemes for mobile client---server networks, respectively. In this letter, we show that there is a serious security flaw in the user registration phase of the two schemes: any authorized user can impersonate the server to generate an effective private key of any other user. We then present a suggestion to overcome the problem without losing any good features of the original schemes. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1007/s11227-015-1496-7 | The Journal of Supercomputing |
Keywords | Field | DocType |
Authentication,Key agreement,Elliptic curve cryptography,Client–server network | Mobile client,Authentication,Computer security,Computer science,Elliptic curve cryptography,Public-key cryptography,AKA,Client–server model | Journal |
Volume | Issue | ISSN |
71 | 11 | 0920-8542 |
Citations | PageRank | References |
3 | 0.48 | 2 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
runhua shi | 1 | 25 | 9.65 |
Hong Zhong | 2 | 90 | 18.46 |
Shun Zhang | 3 | 3 | 0.48 |