Security Analysis of “SMAKA: Secure Many-to-Many Authentication and Key Agreement Scheme for Vehicular Networks”

Abstract

In the above article, Zhang <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> (2021) proposed a many-to-many authentication and key agreement scheme named SMAKA for secure authentication and key agreement between multiple vehicles and cloud service providers (CSPs) in a vehicular network. However, we identify a security flaw in the design of Zhang <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> ’s scheme, which allows an attacker to hijack an authentication session between a vehicle and a CSP and impersonate the vehicle to establish a shared key with the CSP with a high chance.