Key Replicating Attack on Certificateless Authenticated Key Agreement Protocol

Authenticated key agreement protocol is crucial in providing data confidentiality and integrity to subsequent communications among two or more parties over a public network. Certificateless public key cryptography (CL-PKC) combines the advantage of the identity-based public key cryptography (ID-PKC) and the traditional PKI. In 2007, Y.J Shi and J.H Li proposed a two-party authenticated key agreement protocol based on the certificateless encryption scheme proposed by B. Libert and J.J. Quisquater. It is found that the scheme is vulnerable to the key replicating attack (one form of the man-in-the-middle attack), so it doesnpsilat possess the security attribute of implicit key authentication and key control. We analyze such an attack of this protocol in the BR93 model in detail, and demonstrate that the protocol is not secure if the adversary is allowed to send a reveal query to reveal non-partner players who had accepted the same session key.