Comment on "Provably secure biometric-based client-server secure communication over unreliable networks"
In key agreement protocols, the user will send a request to the server and the server will respond to that message. After two-way authentication, a secure session key will be created between them. They use the session key to create a secure channel for communication. In 2021, Saleem et al. proposed a protocol for securing user and server communications, claiming that their proposed protocol meets a variety of security needs and is also resistant to known types of attacks. In this article, we will show that Saleem et al's scheme does not meet the security requirement of perfect forward secrecy.
READ FULL TEXT