Simulatable certificateless two-party authenticated key agreement protocol

Key agreement (KA) allows two or more users to negotiate a secret session key among them over an open network. Authenticated key agreement (AKA) is a KA protocol enhanced to prevent active attacks. AKA can be achieved using a public-key infrastructure (PKI) or identity-based cryptography. However, the former suffers from a heavy certificate management burden while the latter is subject to the so-called key escrow problem. Recently, certificateless cryptography was introduced to mitigate these limitations. In this paper, we first propose a security model for AKA protocols using certificateless cryptography. Following this model, we then propose a simulatable certificateless two-party AKA protocol. Security is proven under the standard computational Diffie-Hellman (CDH) and bilinear Diffie-Hellman (BDH) assumptions. Our protocol is efficient and practical, because it requires only one pairing operation and five multiplications by each party.
