Attacks on an ISO/IEC 11770-2 key establishment protocol

Comley, Richard A. ORCID logoORCID: and Cheng, Zhaohui (2005) Attacks on an ISO/IEC 11770-2 key establishment protocol. International Journal of Network Security, 3 (3) . pp. 290-295. ISSN 1816-353X [Article]

[img] PDF - Published version (with publisher's formatting)
Restricted to Repository staff and depositor only

Download (133kB) |


This paper demonstrates that two types of serious attack (replay and type) are possible on an ISO/IEC server-based key establishment protocol. The flaw is associated with the method used to ensure the freshness of an established key. Two possible solutions are proposed to deal with the identified weakness. This is of great potential impact and as a result of this work, ISO published a technical corrigendum (ISO/IEC 11770-2:1996/Cor 1:2005) to remove the protocol from ISO/IEC 11770-2: 1996.

Item Type: Article
Research Areas: A. > School of Science and Technology > Computer and Communications Engineering
Item ID: 23
Useful Links:
Depositing User: Repository team
Date Deposited: 13 Oct 2008 12:39
Last Modified: 30 Nov 2022 02:19

Actions (login required)

View Item View Item


Activity Overview
6 month trend
6 month trend

Additional statistics are available via IRStats2.