Secure Deniable Authenticated Key Establishment for Internet Protocols

In 2003, Boyd et al. have proposed two deniable authenticated key establishment protocols for Internet key exchange (IKE). However, both schemes have been broken by Chou et al. in 2005 due to their susceptibility to key-compromise impersonation (KCI) attack. In this paper, we put forward the improved variants of both Boyd et al.'s schemes in order to defeat the KCI attack. On top of justifying our improvements, we further present a detailed security analysis to ensure that the desired security attributes: deniability and authenticity remain preserved.

[1]  Kenneth G. Paterson,et al.  Deniable Authenticated Key Establishment for Internet Protocols , 2003, Security Protocols Workshop.

[2]  Kenneth G. Paterson,et al.  Cryptography from Pairings: A Snapshot of Current Research , 2008 .

[3]  Yalin Chen,et al.  A ID-Based Deniable Authentication Protocol on pairings , 2006, IACR Cryptol. ePrint Arch..

[4]  Yalin Chen,et al.  Weaknesses of the Boyd-Mao Deniable Authenticated key Establishment for Internet Protocols , 2005, IACR Cryptol. ePrint Arch..

[5]  Youngho Park,et al.  An Enhanced ID-Based Deniable Authentication Protocol on Pairings , 2007, ICCSA.

[6]  Dongdai Lin,et al.  An efficient ID-based deniable authentication protocol from pairings , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[7]  Duncan S. Wong,et al.  Cryptanalysis of a suite of deniable authentication protocols , 2006, IEEE Communications Letters.

[8]  Alfred Menezes,et al.  Authenticated Diffie-Hellman Key Agreement Protocols , 1998, Selected Areas in Cryptography.