查看文章

The MQV is an authenticated key agreement protocol which does not use any one-way hash functions in its block design, and it is standardized in (IEEE, ANSI, and ISO). However, its two-pass form cannot withstand an unknown key share attack. Krawczyk proposed a hashed version of MQV (HMQV) to overcome the attack on MQV, but HMQV is vulnerable to small subgroup attacks. LaMacchia et al presented a strong security definition for authenticated key exchange protocol as extended Canetti-Krawczyk (eCK) to catch new attacks from a strong adversary. Ustaoglu proposed a hashed ephemeral private key with static private key of HMQV (CMQV) to have a security proof in eCK. Sarr et al showed key compromise impersonation and man-in-the-middle attacks on HMQV under revealing a signature of Diffie-Hellman of public keys and proposed fully HMQV (FHMQV) and strengthen MQV (SMQV) to overcome those …