| Autor: |
Alekseev, Evgeny, Kyazhin, Sergey, Smyshlyaev, Stanislav |
| Zdroj: |
Journal of Computer Virology and Hacking Techniques; 20240101, Issue: Preprints p1-6, 6p |
| Abstrakt: |
The paper considers the following situation: as a result of interaction under the authenticated key establishment protocol, the parties successfully establish a common key and correctly authenticate each other, but they obtain identical roles, i.e. both parties believe that they are initiators (or responders). The requirement to setup different roles was presented in well-known papers dedicated to the analysis of cryptographic properties of such protocols, but was of a technical nature. In the current paper, examples that show how application-layer information system can be negatively affected by the setup of identical roles are given. Thus this situation should be considered as a threat to authenticated key establishment protocols. The paper contains examples of attacks realizing this threat for the HMQV and SIGMA protocols, as well as two methods of modifying such protocols to protect them against this threat. |
| Databáze: |
Supplemental Index |
| Externí odkaz: |
|
Full text from SpringerLink