Attacks on an ISO/IEC 11770-2 key establishment protocol

Comley, Richard A. ORCID: and Cheng, Zhaohui (2005) Attacks on an ISO/IEC 11770-2 key establishment protocol. International Journal of Network Security, 3 (3) . pp. 290-295. ISSN 1816-353X [Article]

[img] PDF - Published version (with publisher's formatting)
Restricted to Repository staff and depositor only

Download (133kB) |


This paper demonstrates that two types of serious attack (replay and type) are possible on an ISO/IEC server-based key establishment protocol. The flaw is associated with the method used to ensure the freshness of an established key. Two possible solutions are proposed to deal with the identified weakness. This is of great potential impact and as a result of this work, ISO published a technical corrigendum (ISO/IEC 11770-2:1996/Cor 1:2005) to remove the protocol from ISO/IEC 11770-2: 1996.

Item Type: Article
Research Areas: A. > School of Science and Technology > Computer and Communications Engineering
Item ID: 23
Useful Links:
Depositing User: Repository team
Date Deposited: 13 Oct 2008 12:39
Last Modified: 29 Nov 2019 18:45

Actions (login required)

View Item View Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year