Abstract
Recently, two e-mail protocols were proposed claiming to provide perfect secrecy. These protocols use authentication and (Diffie-Hellman) key-exchange techniques, and as such, other standard security criteria besides perfect forward secrecy include key-replay resilience, known-key security, key freshness and unknown key-share resilience are expected too. In this paper, we show that the two protocols cannot resist replay attacks, and further that the first falls to unknown key-share attacks while the second fails to provide perfect forward secrecy, contrary to the designers' claims. Although the two protocols were intended by the designers to be more secure variants compared to the common e-mail protocol, our results show that being newer does not necessarily mean being more secure.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
