Security Proof for the Improved Ryu-Yoon-Yoo Identity-Based Key Agreement Protocol

Key agreement protocols are essential for secure communications in open and distributed environments. The protocol design is, however, extremely error-prone as evidenced by the iterative process of fixing discovered attacks on published protocols. We revisit an efficient identity-based (ID-based) key agreement protocol due to Ryu, Yoon and Yoo. The protocol is highly efficient and suitable for real-world applications despite offering no resilience against key-compromise impersonation (K-CI). We then show that the protocol is, in fact, insecure against reflection attacks. A slight modification to the protocol is proposed, which results in significant benefits for the security of the protocol without compromising on its efficiency. Finally, we prove the improved protocol secure in a widely accepted model.
