A paper presented at the ICICS 2019 conference describes what is claimed to be a `provably secure group authentication [protocol] in the asynchronous communication model'. We show here that this is far from being the case, as the protocol is subject to serious attacks. To try to explain this troubling case, an earlier (2013) scheme on which the ICICS 2019 protocol is based was also examined and found to possess even more severe flaws - this latter scheme was previously known to be subject to attack, but not in quite as fundamental a way as is shown here. Examination of the security theorems provided in both the 2013 and 2019 papers reveals that in neither case are they exactly what they seem to be at first sight; the issues raised by this are also briefly discussed.
翻译:在ICICS 2019年会议上提交的一份文件描述了所谓“非同步通信模式中可能安全的集体认证[规 ”的说法。我们在这里表明,由于议定书受到严重攻击,情况远非如此。为了解释这一令人不安的案例,还审查了作为ICICS 2019年议定书基础的较早的(2013年)计划,发现该计划存在甚至更严重的缺陷――后一种计划以前已知会受到攻击,但不像这里所显示的那样具有根本意义。对2013年和2019年文件中提供的安全标语的审查表明,这两个文件都没有确切地说明它们最初看上去是什么;对此提出的问题也作了简要的讨论。
相关内容
微信扫码咨询专知VIP会员