Cryptanalysis of an Identity-Based Authenticated Key Exchange Protocol
Younes Hatri, Ayoub Otmani, Kenza Guenda

TL;DR
This paper critically examines an identity-based authenticated key exchange protocol, revealing a significant security flaw that allows impersonation and undermines the protocol's claimed resiliency feature.
Contribution
It provides the first cryptanalysis of the 2015 IBAKE protocol, demonstrating its insecurity and invalidating its resiliency property through practical attacks.
Findings
The protocol is vulnerable to impersonation attacks.
The resiliency property is false under certain leak scenarios.
The security flaw compromises the protocol's practical deployment.
Abstract
Authenticated Key Exchange (AKE) protocols represent an important cryptographic mechanism that enables several parties to communicate securely over an open network. Elashry, Mu and Susilo proposed in 2015 an Identity Based Authenticated Key Exchange (IBAKE) protocol where different parties establish secure communication by means of their public identities. The authors also introduced a new security notion for IBAKE protocols called resiliency, that is, if a shared secret between a group of parties is compromised or leaked, they can generate another completely new shared secret without the need to set up a new key exchange session. They then proved that their IBAKE protocol satisfies this security notion. We analyze the security of their protocol and prove that it has a major security flaw which renders it insecure against an impersonation attack. We also disprove the resiliency…
