An Improved Certificateless Authenticated Key Agreement Protocol
Source: Tsinghua University
In this paper, the authors show that their protocol is insecure against a man-in-the-middle attack which is a severe disaster for a key agreement protocol. In addition, the authors claimed that their scheme provides a binding a long-term public key with a corresponding partial private key. In fact, their protocol does not realize the binding. They propose an improved key agreement protocol based on the protocol proposed by Mokhtarnameh, Ho and Muthuvelu. The improved protocol can resist a man-in-the-middle attack as well as satisfy the desired security properties for key agreement.