| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 429035 | Information Processing Letters | 2011 | 4 Pages |
We introduce an extended Key Compromise Impersonation (KCI) attack against two-party key establishment protocols, where an adversary has access to both long-term and ephemeral secrets of a victim. Such an attack poses serious threats to both key authentication and key confirmation properties of a key agreement protocol, and it seems practical because the adversary could obtain the victimʼs ephemeral secret in a number of methods; for example, by installing some Trojan horse into the victimʼs computer platform or by exploiting the imperfectness of the pseudo-random number generator in the platform. We demonstrate that the 3-pass HMQV protocol, which is secure against the standard KCI attack, is vulnerable to this new attack. Furthermore, we show a countermeasure to prevent such an attack.
► We introduce the concept of extended KCI attack. ► We mount this attack against the 3-pass HMQV protocol. ► We propose a countermeasure against the attack.
