Certificateless Authenticated Two-Party Key Agreement Protocols

In their seminal paper on certificateless public key cryptography, Al-Riyami and Paterson (AP) proposed a certificateless authenticated key agreement protocol. Key agreement protocols are among the fundamental primitives of cryptography: they allow users to establish a shared session key securely in the presence of an active adversary. AP's protocol requires each party to compute four bilinear pairings. Pairing evaluations are computationally expensive, so a key agreement protocol should use as few of them as possible. In this paper, we propose a new certificateless authenticated two-party key agreement protocol that requires each party to compute only two pairings. We analyze the security of the protocol and show that it achieves the desired security attributes. Furthermore, we show that our protocol can be used to establish keys between users registered with different key generation centers.

[1] Antoine Joux et al., The Weil and Tate Pairings as Building Blocks for Public Key Cryptosystems, ANTS, 2002.

[2] Peter Gutmann et al., PKI: It's Not Dead, Just Resting, Computer, 2002.

[3] Ying Wang et al., An Improved ID-based Authenticated Group Key Agreement Scheme, IACR Cryptol. ePrint Arch., 2003.

[4] Martin E. Hellman et al., An improved algorithm for computing logarithms over GF(p) and its cryptographic significance, IEEE Trans. Inf. Theory, 1978.

[5] Alexander W. Dent et al., On Proofs of Security for Certificateless Cryptosystems, IACR Cryptol. ePrint Arch., 2005.

[6] Guomin Yang et al., An Efficient Identity-Based Key Exchange Protocol with KGS Forward Secrecy for Low-Power Devices, WINE, 2007.

[7] Kyung-Ah Shim, Cryptanalysis of Two ID-based Authenticated Key Agreement Protocols from Pairings, IACR Cryptol. ePrint Arch., 2005.

[8] G. Frey et al., A remark concerning m-divisibility and the discrete logarithm in the divisor class group of curves, 1994.

[9] Dan Boneh et al., Hardness of Computing the Most Significant Bits of Secret Keys in Diffie-Hellman and Related Schemes, CRYPTO, 1996.

[10] Kyung-Ah Shim, Efficient ID-based authenticated key agreement protocol based on Weil pairing, 2003.

[11] Chi Sung Laih et al., Advances in Cryptology - ASIACRYPT 2003, 2003.

[12] Joonsang Baek et al., Certificateless Public Key Encryption Without Pairing, ISC, 2005.

[13] Gerhard Frey et al., The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems, IEEE Trans. Inf. Theory, 1999.

[14] Ratna Dutta et al., Pairing-Based Cryptographic Protocols: A Survey, IACR Cryptol. ePrint Arch., 2004.

[15] Colin Boyd, Towards Extensional Goals in Authentication Protocols, 1997.

[16] Chris J. Mitchell et al., Key control in key agreement protocols, 1998.

[17] Eun-Jun Yoon et al., An Efficient ID-Based Authenticated Key Agreement Protocol from Pairings, NETWORKING, 2004.

[18] YoungJu Choie et al., Efficient identity-based authenticated key agreement protocol from pairings, Appl. Math. Comput., 2005.

[19] Nigel P. Smart et al., An Identity Based Authenticated Key Agreement Protocol Based on the Weil Pairing, 2001.

[20] Silvio Micali et al., Probabilistic Encryption, J. Comput. Syst. Sci., 1984.

[21] Günther Horn et al., Authentication protocols for mobile network environment value-added services, IEEE Trans. Veh. Technol., 2002.

[22] Hovav Shacham et al., Short Signatures from the Weil Pairing, J. Cryptol., 2001.

[23] Liqun Chen et al., Identity based authenticated key agreement protocols from pairings, 16th IEEE Computer Security Foundations Workshop (CSFW), 2003.

[24] Mihir Bellare et al., Entity Authentication and Key Distribution, CRYPTO, 1993.

[25] Liqun Chen et al., On security proof of McCullagh-Barreto's key agreement protocol and its variants, Int. J. Secur. Networks, 2007.

[26] Mike Burmester et al., On the Risk of Opening Distributed Keys, CRYPTO, 1994.

[27] Antoine Joux et al., A One Round Protocol for Tripartite Diffie-Hellman, Journal of Cryptology, 2000.

[28] Chae Hoon Lim et al., A Key Recovery Attack on Discrete Log-based Schemes Using a Prime Order Subgroup, CRYPTO, 1997.

[29] Matthew K. Franklin et al., Identity-Based Encryption from the Weil Pairing, CRYPTO, 2001.

[30] Aggelos Kiayias et al., Polynomial Reconstruction Based Cryptography, Selected Areas in Cryptography, 2001.

[31] Marc Girault et al., Self-Certified Public Keys, EUROCRYPT, 1991.

[32] Ari Juels et al., Client puzzles: A cryptographic defense against connection depletion, 1999.

[33] Kenneth G. Paterson et al., CBE from CL-PKE: A Generic Construction and Efficient Schemes, Public Key Cryptography, 2005.

[34] Whitfield Diffie et al., New Directions in Cryptography, IEEE Trans. Inf. Theory, 1976.

[35] Kenneth G. Paterson et al., Certificateless Public Key Cryptography, 2003.

[36] Kenneth G. Paterson et al., Pairings for Cryptographers, IACR Cryptol. ePrint Arch., 2008.

[37] Peter Gutmann et al., Everything you Never Wanted to Know about PKI but were Forced to Find Out, 2002.

[38] Liqun Chen et al., Identity-based key agreement protocols from pairings, International Journal of Information Security, 2007.

[39] Luminita Vasiu et al., On The Indistinguishability-Based Security Model of Key Agreement Protocols - Simple Cases, IACR Cryptol. ePrint Arch., 2005.

[40] Sattam S. Al-Riyami, Cryptographic schemes based on elliptic curve pairings, 2004.

[41] Liqun Chen et al., A Built-in Decisional Function and Security Proof of ID-based Key Agreement Protocols from Pairings, IACR Cryptol. ePrint Arch., 2006.

[42] Antti Huima et al., Using multimodal logic to express conflicting interests in security protocols, Proceedings of the DIMACS Workshop on Design and Formal Verification of Security Protocols, 1997.

[43] Guohong Xie et al., An ID-Based Key Agreement Scheme from pairing, IACR Cryptol. ePrint Arch., 2005.

[44] J. Pollard et al., Monte Carlo methods for index computation (mod p), 1978.

[45] Paulo S. L. M. Barreto et al., A New Two-Party Identity-Based Authenticated Key Agreement, CT-RSA, 2005.

[46] Michael Scott et al., Implementing Cryptographic Pairings on Smartcards, CHES, 2006.

[47] Anton Stiglic et al., Security Issues in the Diffie-Hellman Key Agreement Protocol, 2001.

[48] Alfred Menezes et al., Key Agreement Protocols and Their Security Analysis, IMACC, 1997.

[49] Eun-Jun Yoon et al., An Efficient ID-Based Authenticated Key Agreement Protocol with Pairings, ISPA, 2007.

[50] Eric R. Verheul et al., Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems, Journal of Cryptology, 2001.

[51] Alfred Menezes et al., Authenticated Diffie-Hellman Key Agreement Protocols, Selected Areas in Cryptography, 1998.

[52] Masao Kasahara et al., ID based Cryptosystems with Pairing on Elliptic Curve, IACR Cryptol. ePrint Arch., 2003.

[53] Kristin E. Lauter et al., Security Analysis of KEA Authenticated Key Exchange Protocol, IACR Cryptol. ePrint Arch., 2006.

[54] Alfred Menezes et al., Reducing elliptic curve logarithms to logarithms in a finite field, STOC '91, 1991.

[55] Mike Scott et al., Authenticated ID-based Key Exchange and remote log-in with simple token and PIN number, IACR Cryptol. ePrint Arch., 2002.

[56] Authenticated ID-based Key Exchange and Remote Log-in with Insecure Token and PIN Number, 2002.

[57] Quan Yuan et al., A New Efficient ID-Based Authenticated Key Agreement Protocol, IACR Cryptol. ePrint Arch., 2005.

[58] Adi Shamir et al., Identity-Based Cryptosystems and Signature Schemes, CRYPTO, 1984.

[59] Dong Hoon Lee et al., ID-based Authenticated Key Agreement for Low-Power Mobile Devices, ACISP, 2005.

[60] David Salomon et al., Data Privacy and Security, Springer New York, 2003.

[61] Loren M. Kohnfelder et al., Towards a practical public-key cryptosystem, 1978.

[62] Hugo Krawczyk et al., HMQV: A High-Performance Secure Diffie-Hellman Protocol, CRYPTO, 2005.

[63] Jianhua Li et al., ID-based one round authenticated group key agreement protocol with bilinear pairings, International Conference on Information Technology: Coding and Computing (ITCC'05), Volume II, 2005.

[64] Aggelos Kiayias et al., Self Protecting Pirates and Black-Box Traitor Tracing, CRYPTO, 2001.

[65] Dengguo Feng et al., On the Security of a Certificateless Public-Key Encryption, IACR Cryptol. ePrint Arch., 2005.

[66] Dan Boneh et al., The Decision Diffie-Hellman Problem, ANTS, 1998.