Title: On the separation between the FHMQV and HMQV protocols

Authors: Augustin P. Sarr; Philippe Elbaz-Vincent

Addresses: Laboratoire Acca, Université Gaston Berger de Saint-Louis, Senegal ' Institut Fourier - CNRS, Université Grenoble Alpes, France

Abstract: The HMQV protocol is under consideration for IEEE P1363 standardisation. We provide a complementary analysis of the HMQV(-C) protocol. Namely, we point out a key compromise impersonation and a man-in-the-middle attack in the case of a static private key leakage, showing that the HMQV(-C) protocols cannot achieve their security goals. Next, we revisit the FHMQV building blocks, design and security arguments. We clarify the security and efficiency separation between HMQV and FHMQV, showing the advantages of FHMQV over HMQV.

Keywords: authenticated key exchange; FHMQV; HMQV; key compromise impersonation; KCI attack; security model.

DOI: 10.1504/IJACT.2017.089357

International Journal of Applied Cryptography, 2017 Vol.3 No.4, pp.377 - 393

Received: 15 Mar 2017
Accepted: 29 Mar 2017

Published online: 21 Jan 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article