Internet Archive Scholar

On the Importance of Public-Key Validation in the MQV and HMQV Key Agreement Protocols [chapter]

Alfred Menezes, Berkant Ustaoglu
2006 Lecture Notes in Computer Science  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (235.9 kB)
https://web.archive.org/web/20170809011216/http://cryptolounge.net/pdf/MU06.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

HMQV is a hashed variant of the MQV key agreement protocol proposed by Krawczyk at CRYPTO 2005. In this paper, we present some attacks on HMQV and MQV that are successful if public keys are not properly validated. In particular, we present an attack on the twopass HMQV protocol that does not require knowledge of the victim's ephemeral private keys. The attacks illustrate the importance of performing some form of public-key validation in Diffie-Hellman key agreement protocols, and furthermore
more » ... hlight the dangers of relying on security proofs for discrete-logarithm protocols where a concrete representation for the underlying group is not specified.
doi:10.1007/11941378_11 fatcat:zzgpymtcurhozjgwr4wggd4uai
Citation

Alfred Menezes, Berkant Ustaoglu. "On the Importance of Public-Key Validation in the MQV and HMQV Key Agreement Protocols." Lecture Notes in Computer Science (2006) 133-147