Saved in:
Bibliographic Details
Main Authors: Mugunthan, Sundararaju, Sureshkumar, Venkatasamy
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2412.18828
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866915080757575680
author Mugunthan, Sundararaju
Sureshkumar, Venkatasamy
author_facet Mugunthan, Sundararaju
Sureshkumar, Venkatasamy
contents Recently, in the area of Mobile Edge Computing (MEC) applications, Wu et al. proposed an authentication and key establishment scheme and claimed their protocol is secure. Nevertheless, cryptanalysis shows the scheme fails to provide robustness against key computation attack, mobile user impersonation attack and traceability attack. Vulnerabilities in their scheme lead to the exposure of mobile users' long term secret to mobile edge server provided both parties complete a successful session. This enables any malicious edge servers, who had communicated with the user earlier, to compute current session keys between the user and other legitimate servers. Also, since long term secret is exposed, such malicious servers can impersonate the user. We present a cryptanalysis of the scheme.
format Preprint
id arxiv_https___arxiv_org_abs_2412_18828
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Cryptanalysis of authentication and key establishment protocol in Mobile Edge Computing Environment
Mugunthan, Sundararaju
Sureshkumar, Venkatasamy
Cryptography and Security
Recently, in the area of Mobile Edge Computing (MEC) applications, Wu et al. proposed an authentication and key establishment scheme and claimed their protocol is secure. Nevertheless, cryptanalysis shows the scheme fails to provide robustness against key computation attack, mobile user impersonation attack and traceability attack. Vulnerabilities in their scheme lead to the exposure of mobile users' long term secret to mobile edge server provided both parties complete a successful session. This enables any malicious edge servers, who had communicated with the user earlier, to compute current session keys between the user and other legitimate servers. Also, since long term secret is exposed, such malicious servers can impersonate the user. We present a cryptanalysis of the scheme.
title Cryptanalysis of authentication and key establishment protocol in Mobile Edge Computing Environment
topic Cryptography and Security
url https://arxiv.org/abs/2412.18828