Security Analysis of ECC Based Authentication Protocols
In this work we consider two elliptic curve cryptography based authentication protocols for performing cryptanalysis and security enhancement. The first one by Moosavi et al., is a mutual authentication scheme for RFID implant systems. We perform a cryptanalysis on this protocol and observe that it is prone to the clogging attack, a kind of denial of service (DoS) attack. We then suggest an improvement on the protocol to prevent the clogging attack. The other protocol we consider for analysis is by Xu et al. This is a smart card based authentication protocol. We again perform the clogging (DoS) attack on this protocol via replay. We observe that all smart card based authentication protocols which precede the one by Xu et al., and require the server to compute the computationally intensive elliptic curve techniques are prone to the clogging attack. We suggest an alternative improvement on the protocol to prevent the clogging attack, which also applies to the protocol by Moosavi et al.
Proceedings - 2015 International Conference on Computational Intelligence and Communication Networks, CICN 2015
Digital Object Identifier (DOI)
Khatwani, & Roy, S. (2015). Security Analysis of ECC Based Authentication Protocols. 2015 International Conference on Computational Intelligence and Communication Networks (CICN), 1167–1172. https://doi.org/10.1109/CICN.2015.226