Cryptanalysis of authentication and key establishment protocol in Mobile Edge Computing Environment

Sundararaju Mugunthan, Venkatasamy Sureshkumar

TL;DR

The paper analyzes Wu et al.'s MEC authentication and key establishment protocol and shows it is vulnerable to key computation attacks, mobile user impersonation, traceability, and an honest-but-curious registration center. By dissecting the registration and authentication phases, the authors demonstrate how an edge server with prior session data can derive critical components (e.g., $TMID_i$, $RN_1$, $RN_3$, $PSID_j$) to compute a future session key $SK^*$ and impersonate users across sessions. The findings reveal that long-term secrets can be exposed to edge servers, enabling cross-session compromise and impersonation, thus undermining confidentiality and integrity. The work underscores the need for MEC AKE designs that prevent key leakage to intermediaries and resist cross-session key derivation, promoting more secure three-party protocols between mobile users, edge servers, and registration centers.

Abstract

Recently, in the area of Mobile Edge Computing (MEC) applications, Wu et al. proposed an authentication and key establishment scheme and claimed that their protocol is secure. Nevertheless, cryptanalysis shows that the scheme fails to provide robustness against the key computation attack, the mobile user impersonation attack and the traceability attack. Vulnerabilities in their scheme expose a mobile user's long-term secret to the mobile edge server, provided both parties complete a successful session. This enables any malicious edge server that has communicated with the user earlier to compute current session keys between the user and other legitimate servers. Also, since the long-term secret is exposed, such malicious servers can impersonate the user. We present a cryptanalysis of the scheme.

Paper Structure

This paper contains 12 sections.