查看文章

In NRSC28, Elkamchouchi and Abu Elkair proposed an efficient protocol for authenticated key agreement, and the authors claimed that the proposed protocol is secure against known attacks. However, this letter shows that Elkamchouchi and Abu Elkair protocol cannot withstand the two types of key compromise impersonation (KCI) attacks namely, general-KCI, and static-KCI. In addition, we show the man-in-the-middle attack and known key security attack on Elkamchouchi and Abu Elkair protocol, and also the protocol cannot provide perfect forward secrecy property. Furthermore, we use the Scyther tool as an automated verification method to demonstrate the security flaws in Elkamchouchi and Abu Elkair protocol.