On the separation between the FHMQV and HMQV protocols (Q1626139)
From MaRDI portal
 | This is the item page for this Wikibase entity, intended for internal use and editing purposes. Please use this page instead for the normal view: On the separation between the FHMQV and HMQV protocols |
scientific article; zbMATH DE number 6984957
| Language | Label | Description | Also known as |
|---|---|---|---|
| English | On the separation between the FHMQV and HMQV protocols |
scientific article; zbMATH DE number 6984957 |
Statements
On the separation between the FHMQV and HMQV protocols (English)
0 references
26 November 2018
0 references
Summary: The HMQV protocol is under consideration for IEEE P1363 standardisation. We provide a complementary analysis of the HMQV(-C) protocol. Namely, we point out a key compromise impersonation and a man-in-the-middle attack in the case of a static private key leakage, showing that the HMQV(-C) protocols cannot achieve their security goals. Next, we revisit the FHMQV building blocks, design and security arguments. We clarify the security and efficiency separation between HMQV and FHMQV, showing the advantages of FHMQV over HMQV.
0 references
authenticated key exchange
0 references
FHMQV
0 references
HMQV
0 references
key compromise impersonation
0 references
KCI attack
0 references
security model
0 references
