Résumé: The MQV key agreement protocol has been included in recent standards (IEEE and ANSI), but its two-pass form is vulnerable to an unknown key-share attack. Recently, Lee et al. proposed an efficient two-pass key agreement protocol to withstand the unknown key-share attack. However, this article shows that their protocol is vulnerable to a key-compromise impersonation attack.

Langue: Anglais