Abstract
Recently, Chen et al. proposed a framework for authenticated key exchange (AKE) protocols (referred to as the CMYSG scheme) in Designs, Codes and Cryptography (available at http://link.springer.com/article/10.1007/s10623-016-0295-3). It is claimed that the proposed AKE protocol is secure in a new leakage-resilient eCK model w.r.t. auxiliary inputs (AI-LR-eCK). The main tool used for the generic construction is the smooth projective hash function (SPHF). In this note, we revisit the CMYSG scheme and point out a subtle flaw in the original security proof. Precisely, we show that the AI-LR-eCK security of the proposed construction cannot be successfully reduced to a pseudo-random SPHF and thus the CMYSG scheme is not secure as claimed. To restore the security proof, we replace the underlying typical SPHF with a 2-smooth SPHF, and show that such a replacement combined with a pPRF suffices to overcome the subtle flaw.
- Publication date: 2017-10
- Affiliation: National University of Defense Technology, Chinese People's Liberation Army