On the Security of Certificateless Authenticated Key Agreement Protocol (CL-AK) for Grid Computing

Grid security infrastructure (GSI) provides an efficient mechanism to solve security problems using conventional public key infrastructure (PKI). The notion of certificateless public key cryptography gives another efficient cryptographic primitive to support Grid security services. In the recent work, Wang et al. proposed the first certificateless authentication and key agreement protocol (CL-AK) for Grid computing based on the Diffie-Hellman key agreement protocol and certificateless public key cryptography, which fits well with the GSI and provides a more lightweight key management approach for entity or data authentication and confidential protection. The authors declare that the protocol achieves many security goals. However, we found the scheme cannot withstand key compromise impersonation attack and key replicating attack, thus it doesn´t possess some desirable security attributes, such as key compromise impersonation resilience and key integrity. We analyze the key replicating attack against the protocol in the BR93 security model in more detail.