Cryptanalysis of a client-to-client password-authenticated key agreement protocol

Recently, Byun et al. proposed an efficient client-to-client password-authenticated key agreement protocol (EC2C-PAKA), which was provably secure in a formally defined security model. This letter shows that EC2C-PAKA protocol is vulnerable to password compromise impersonate attack and man-in-the-middle attack if the key between servers is compromised

(In)Security of an Efficient Fingerprinting Scheme with Symmetric and Commutative Encryption of IWDW 2005

We analyze the security of a fingerprinting scheme proposed at IWDW 2005. We show two results, namely that this scheme (1) does riot provide seller security: a dishonest buyer can repudiate the fact that, he redistributed a content, and (2) does riot, provide buyer security: a buyer can be framed by a malicious seller