Impersonation attacks on key agreement protocols resistant to denial of service attacks

Abstract

Hirose and Yoshida proposed an authenticated key agreement protocol based on the intractability of the Computational Diffie-Hellman problem. Recently, Hirose and Matsuura pointed out that Hirose and Yoshida's protocol is vulnerable to Denial-of-Service (DoS) attacks. And they proposed two key agreement protocols which are resistant to the DoS attacks. Their protocols are the first authenticated key agreement protocols resistant to both the storage exhaustion attack and the CPU exhaustion attack. In this paper we show that Hirose and Matsuura's DoS-resistant key agreement protocols and Hirose and Yoshida's key agreement protocol are vulnerable to impersonation attacks. We make suggestions for improvements. Copyright © 2006 The Institute of Electronics, Information and Communication Engineers.