Insider Impersonation Attack on a Tripartite ID-Based Authenticated Key Agreement Protocol with Bilinear Pairings

A key agreement protocol is designed for two or more entities to agree upon a shared secret key, which can subsequently be used to preserve confidentiality and data integrity over an open network. Since Joux has pioneered the notion of pairing-based tripartite key agreement protocol, various group key agreement schemes have been proposed after then. In 2003, Liu et al. proposed a tripartite identity-based authenticated key agreement protocol using bilinear pairings. Although the scheme is claimed to be efficient and secure, we discover that it is in fact breakable. In this paper, we highlight the flaw by demonstrating an insider impersonation attack on the scheme and suggest a few enhancements to conquer the defect.

[1]  Sanggon Lee,et al.  Cryptanalysis of Tso et al.'s ID-Based Tripartite Authenticated Key Agreement Protocol , 2007, ICISS.

[2]  Kwangjo Kim,et al.  ID-Based One Round Authenticated Tripartite Key Agreement Protocol with Pairings , 2002, IACR Cryptol. ePrint Arch..

[3]  Divya Nalla ID-based tripartite key agreement with signatures , 2003, IACR Cryptol. ePrint Arch..

[4]  Kyung-Ah Shim Cryptanalysis of Al-Riyami-Paterson's Authenticated Three Party Key Agreement Protocols , 2003, IACR Cryptol. ePrint Arch..

[5]  Alfred Menezes,et al.  Authenticated Diffie-Hellman Key Agreement Protocols , 1998, Selected Areas in Cryptography.

[6]  Kenneth G. Paterson,et al.  Tripartite Authenticated Key Agreement Protocols from Pairings , 2003, IMACC.

[7]  Chu-Hsing Lin,et al.  Secure one-round tripartite authenticated key agreement protocol from Weil pairing , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[8]  Kyung-Ah Shim,et al.  Efficient one round tripartite authenticated key agreement protocol from Weil pairing , 2003 .

[9]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[10]  Kyung-Ah Shim Efficient ID-based authenticated key agreement protocol based on Weil pairing , 2003 .

[11]  Hung-Yu Chien Comments: Insider attack on Cheng et al.'s pairing-based tripartite key agreement protocols , 2005, IACR Cryptol. ePrint Arch..

[12]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[13]  Hung-Yu Chien,et al.  An Improved Tripartite Authenticated Key Agreement Protocol Based on Weil Pairing , 2005 .

[14]  Alfred Menezes,et al.  Key Agreement Protocols and Their Security Analysis , 1997, IMACC.

[15]  Kyung-Ah Shim,et al.  Weakness in ID-based one round authenticated tripartite multiple-key agreement protocol with pairings , 2005, Appl. Math. Comput..

[16]  Youngho Park,et al.  An Enhanced One-Round Pairing-Based Tripartite Authenticated Key Agreement Protocol , 2007, ICCSA.

[18]  Kefei Chen,et al.  ID-based tripartite key agreement protocol with pairings , 2003, IEEE International Symposium on Information Theory, 2003. Proceedings..

[19]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[20]  Mike Burmester,et al.  On the Risk of Opening Distributed Keys , 1994, CRYPTO.

[21]  Nigel P. Smart,et al.  AN IDENTITY BASED AUTHENTICATED KEY AGREEMENT PROTOCOL BASED ON THE WEIL PAIRING , 2001 .