CR · Jun 21, 2019

The Saeed-Liu-Tian-Gao-Li authenticated key agreement protocol is insecure

arXiv:1906.09330v1 · 2 citations
Originality: Synthesis-oriented
AI Analysis

This work identifies a critical security flaw in a cryptographic protocol. It is incremental in that it critiques an existing scheme rather than proposing a new one.

The paper demonstrates that the Saeed-Liu-Tian-Gao-Li authenticated key agreement protocol is insecure due to a lack of authentication, allowing man-in-the-middle attacks via message replay and compromising keys if ephemeral keys are exposed.

A recently proposed authenticated key agreement protocol is shown to be insecure. In particular, one of the two parties is not authenticated, allowing an active man-in-the-middle opponent to replay old messages. The protocol is essentially an authenticated Diffie-Hellman key agreement scheme, and the lack of authentication allows an attacker to replay old messages and have them accepted. Moreover, if the ephemeral key used to compute a protocol message is ever compromised, then the key established using the replayed message will also be compromised. Fixing the problem is simple: there are many provably secure and standardised protocols which are just as efficient as the flawed scheme.
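The failure mode described in the abstract, as an added example that is not code from the paper and does not reproduce the Saeed-Liu-Tian-Gao-Li message formats: a simplified Diffie-Hellman exchange in which the sender's tag covers only its own ephemeral value is shown beside a variant whose tag also covers the responder's fresh value. Assumptions: the toy group, the HMAC standing in for the protocol's authenticator, and all names (`Responder`, `sender_message`, `replay_demo`) are constructed for illustration.

```python
import hashlib, hmac, secrets

P = 2**127 - 1                      # toy prime modulus (constructed; not a real-world group)
G = 3
LONG_TERM = b"constructed-long-term-key"   # stands in for the sender's credential

def i2b(n):
    return n.to_bytes(16, "big")

def tag(*parts):
    return hmac.new(LONG_TERM, b"|".join(parts), hashlib.sha256).digest()

def kdf(shared):
    return hashlib.sha256(i2b(shared)).digest()

class Responder:
    def __init__(self, bind_fresh):
        self.bind_fresh = bind_fresh        # True: tag must cover our fresh g^y
    def fresh_value(self):
        self.y = secrets.randbelow(P - 3) + 2
        self.gy = pow(G, self.y, P)
        return self.gy
    def accept(self, gx, t):
        parts = (i2b(gx), i2b(self.gy)) if self.bind_fresh else (i2b(gx),)
        if not hmac.compare_digest(t, tag(*parts)):
            return None                     # authenticator does not match this session
        return kdf(pow(gx, self.y, P))

def sender_message(gy, bind_fresh):
    x = secrets.randbelow(P - 3) + 2
    gx = pow(G, x, P)
    parts = (i2b(gx), i2b(gy)) if bind_fresh else (i2b(gx),)
    return x, gx, tag(*parts)

def replay_demo(bind_fresh):
    r = Responder(bind_fresh)
    x_old, gx, t = sender_message(r.fresh_value(), bind_fresh)  # honest run, seen on the wire
    assert r.accept(gx, t) is not None
    gy_new = r.fresh_value()                # a later session with a new responder ephemeral
    key = r.accept(gx, t)                   # the old (gx, t) pair arrives again
    if key is None:
        return "rejected"
    # Exposure of the old ephemeral x_old yields the key of the replayed session.
    leaked = kdf(pow(gy_new, x_old, P))
    return "accepted, key exposed" if leaked == key else "accepted"

if __name__ == "__main__":
    print("tag over g^x only:      ", replay_demo(False))
    print("tag over g^x and g^y:   ", replay_demo(True))
```

Standardised authenticated key agreement protocols achieve the second behaviour by binding each party's authenticator to values that are fresh for the session.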
