Design flaws of “an anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography”

  • Saru Kumari
  • Published 2016 in Multimedia Tools and Applications

Abstract

Recently, a two-factor authenticated key agreement scheme for session initiation protocol is published by Lu et al. in Multimedia Tools and Applications [doi:10.1007/s11042-015-3166-4]. I have examined this scheme and found some design flaws in it. Due to flaw in registration phase, the scheme is vulnerable to guessing attacks. However, flaws during key agreement phase hinder the functionality of the scheme in such a way that mutual authentication process between the user and the server is not viable.

DOI: 10.1007/s11042-016-3771-x

Cite this paper

@article{Kumari2016DesignFO, title={Design flaws of “an anonymous two-factor authenticated key agreement scheme for session initiation protocol using elliptic curve cryptography”}, author={Saru Kumari}, journal={Multimedia Tools and Applications}, year={2016}, volume={76}, pages={13581-13583} }