International Association for Cryptologic Research (IACR)
Abstract
Recently, Dario Fiore and Rosario Gennaro proposed the IB-KA protocol, which was inspired by the MQV protocol. They provide a full proof of security of the IB-KA protocol using techniques developed by Krawczyk in the Canetti-Krawczyk model. They designed the IB-KA protocol with security properties such as perfect forward secrecy, reflection attack resilience, and key compromise impersonation resilience. However, they did not consider the ephemeral key compromise problem in the design of the IB-KA protocol, and gave no analysis of whether the IB-KA protocol can resist ephemeral key compromise attacks. In this paper, we present an ephemeral key compromise attack on the IB-KA protocol. Our work shows that the IB-KA protocol is designed without ephemeral key compromise resilience.