KSTIA. In this attack the knowledge of the ephemeral secrets of both the parties gives the adversary the power to compute the session key. Our protocol completely overhauls the key computation aspect of the protocol proposed in [FAA14] to overcome this susceptibility. This is achieved by ensuring that the final key value is dependent on CDH(gSA , gSB ) which has been incorporated in key components Kµ where λ ∈ {A, B} and µ ∈ {1, 2}.
Appears in 2 contracts
Sources: Identity Based Authenticated Key Agreement Protocol, Identity Based Key Agreement Protocol