An unknown key-share attack on the MQV key agreement protocol
ACM Transactions on Information and System Security (TISSEC)
Handbook of Applied Cryptography
Handbook of Applied Cryptography
An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
Differential Fault Attacks on Elliptic Curve Cryptosystems
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
The Exact Security of ECIES in the Generic Group Model
Proceedings of the 8th IMA International Conference on Cryptography and Coding
Validation of Elliptic Curve Public Keys
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroupp
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient proofs of knowledge of discrete logarithms and representations in groups with hidden order
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of an efficient proof of knowledge of discrete logarithm
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS
Designs, Codes and Cryptography
Strongly Secure Authenticated Key Exchange without NAXOS' Approach
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Provably secure authenticated key exchange protocol under the CDH assumption
Journal of Systems and Software
A new security model for authenticated key agreement
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
A secure and efficient authenticated Diffie-Hellman protocol
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Designing efficient authenticated key exchange resilient to leakage of ephemeral secret keys
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Provably secure three-party password-based authenticated key exchange protocol
Information Sciences: an International Journal
On robust key agreement based on public key authentication
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Security analysis of a multi-factor authenticated key exchange protocol
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
A complementary analysis of the (s)YZ and DIKE protocols
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
OAKE: a new family of implicitly authenticated diffie-hellman protocols
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.01 |
HMQV is a hashed variant of the MQV key agreement protocol proposed by Krawczyk at CRYPTO 2005. In this paper, we present some attacks on HMQV and MQV that are successful if public keys are not properly validated. In particular, we present an attack on the two-pass HMQV protocol that does not require knowledge of the victim's ephemeral private keys. The attacks illustrate the importance of performing some form of public-key validation in Diffie-Hellman key agreement protocols, and furthermore highlight the dangers of relying on security proofs for discrete-logarithm protocols where a concrete representation for the underlying group is not specified.