INFORMATICA

Informatica

0868-49520868-4952

inf17401

10.15388/Informatica.2006.149

Research article

On the Security Analysis of Lee, Hwang & Lee (2004) and Song & Kim (2000) Key Exchange / Agreement Protocols^✩

Choo

Kim-Kwang Raymond

raymond.choo@aic.gov.auAustralian Institute of Criminology, GPO Box 2944, Canberra ACT 2601, Australia

^✩

The views and opinions expressed in this paper do not necessarily reflect those of the Commonwealth Government, the Minister for Justice and Customs, or the Australian Institute of Criminology. Research was performed while the author was with the Information Security Institute / Queensland University of Technology.

01012006

17446748001052005

We revisit the password-based group key exchange protocol due to Lee et al. (2004), which carries a claimed proof of security in the Bresson et al. model under the intractability of the Decisional Diffie–Hellman problem (DDH) and Computational Diffie–Hellman (CDH) problem. We reveal a previously unpublished flaw in the protocol and its proof, whereby we demonstrate that the protocol violates the definition of security in the model. To provide a better insight into the protocol and proof failures, we present a fixed protocol. We hope our analysis will enable similar mistakes to be avoided in the future. We also revisit protocol 4 of Song and Kim (2000), and reveal a previously unpublished flaw in the protocol (i.e., a reflection attack).

Keywordspassword-based key establishment protocolskey agreement protocolsprovable securityinformation security