Security in CK model. The scheme is not resistant in the CK security model if the private keys dA and dB of the SM and SP respectively are leaked. This follows from the fact that CA = CB = dB AA and DA = DB = xXXX. As a result, the adversary is able to compute SK = H(XXX IDB CA DA) and the security of the session key is broken.
Appears in 3 contracts
Samples: pdfs.semanticscholar.org, res.mdpi.com, cronfa.swan.ac.uk
Security in CK model. The scheme is not resistant in the CK security model if the private keys dA and dB of the SM and SP respectively are leaked. This follows from the fact that CA = CB = dB AA and DA = DB = xXXX. As a result, the adversary is able to compute SK = H(XXX IDB CA DAH(IDAǁIDBǁCAǁDA) and the security of the session key is broken.
Appears in 3 contracts
Samples: pdfs.semanticscholar.org, res.mdpi.com, research-repository.griffith.edu.au
