In a 2005 IACR report, Wang published an efficient identity-based key agreement protocol (IDAK) suitable for resource constraint devices.
The author shows that the IDAK key agreement protocol is secure in the Bellare-Rogaway model with random oracles and also provides an ad-hoc security proof claiming that the IDAK protocol is not vulnerable to Key Compromise Impersonation attacks.
In this report, we claim that the IDAK protocol is vulnerable to key-compromise impersonation attacks. Indeed, Wang's results are valid only for a passive adversary that can corrupt parties or reveal certain session-specific data but is not allowed to manipulate protocol transcripts; a model considering this type of adversary is unable to afford KCI resilience.
↧