Abstract:
Recently, Aydos et al. proposed an ECC-based wireless authentication protocol. This protocol uses both the elliptic curve digital signature algorithm and the Diffie-Hellman key exchange scheme to provide mutual authentication and agree a session key for subsequent communication. Mangipudi et al show that the protocol is vulnerable to the man-in-the-middle attack from the attacker within the system. It is further shown in this paper that Aydos et al's protocol is vulnerable to man-in-the-middle attack from any attacker not restricted on the inside attacker. Finally, the reasons that Aydos et al's protocol suffers the attacks and some other security weaknesses of Aydos et al's protocol are analyzed.