Abstract
Authenticated key exchange (AKE) protocol is one of the most widely used cryptographic primitives, and lots of protocols have been proposed either in the certificate-based (cert-based) setting or in the identity-based (id-based) setting. In practical applications, entities from different settings may have the requirement to communicate with each other. Though there are works concentrated on supporting either multiple certification authorities (CAs) or multiple key generation centers (KGCs), very few papers have focused on the interoperability between the two settings. Furthermore, existing approaches are still inadequate in supporting parameters from different algebraic groups introduced by multiple CAs and multiple KGCs.
In this paper, we focus on AKE protocols integrating cert-based settings and id-based settings with varied groups, and propose an AKE protocol where one entity is cert-based and the other is id-based, and the parameters of both entities may come from different groups. An extended AKE security model of [6,22] is proposed to support multiple KGCs and CAs. The proposed protocol is proved to be secure in the extended security model. Finally, we extend the protocol to achieve forward secrecy and resistance to leakage of both ephemeral keys.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Bellare, M., Rogaway, P.: Provably secure session key distribution: the three party case. In: STOC 1995, pp. 57–66. ACM, New York (1995)
Boyd, C., Cliff, Y., Gonzalez Nieto, J.M., Paterson, K.G.: Efficient One-Round Key Exchange in the Standard Model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008)
Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
Chatterjee, S., Menezes, A., Ustaoglu, B.: A Generic Variant of NIST’s KAS2 Key Agreement Protocol. In: Parampalli, U., Hawkes, P. (eds.) ACISP 2011. LNCS, vol. 6812, pp. 353–370. Springer, Heidelberg (2011)
Chen, L., Cheng, Z., Smart, N.: Identity-based key agreement protocols from pairings. Int. J. Inf. Secur. 6, 213–241 (2007)
Chen, L., Kudla, C.: Identity based authenticated key agreement from pairings. In: Proc. 16th IEEE Computer Security Foundations Workshop, pp. 219–233 (2003)
Chow, S.S.M., Choo, K.-K.R.: Strongly-Secure Identity-Based Key Agreement and Anonymous Extension. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 203–220. Springer, Heidelberg (2007)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE T. Inform. Theory 22(6), 644–654 (1976)
Fiore, D., Gennaro, R.: Making the Diffie-Hellman Protocol Identity-Based. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 165–178. Springer, Heidelberg (2010)
Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Strongly Secure Authenticated Key Exchange from Factoring, Codes, and Lattices. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 467–484. Springer, Heidelberg (2012)
Günther, C.G.: An Identity-Based Key-Exchange Protocol. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 29–37. Springer, Heidelberg (1990)
Huang, H., Cao, Z.: An id-based authenticated key exchange protocol based on bilinear diffie-hellman problem. In: ASIACCS 2009, pp. 333–342. ACM (2009)
Krawczyk, H.: HMQV: A High-Performance Secure Diffie-Hellman Protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)
LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger Security of Authenticated Key Exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)
Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.: Some new key agreement protocols providing mutual implicit authentication. In: SAC 1995, pp. 22–32 (1995)
McCullagh, N., Barreto, P.S.L.M.: A New Two-Party Identity-Based Authenticated Key Agreement. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 262–274. Springer, Heidelberg (2005)
Sarr, A.P., Elbaz-Vincent, P., Bajard, J.-C.: A New Security Model for Authenticated Key Agreement. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 219–234. Springer, Heidelberg (2010)
Shamir, A.: Identity-Based Cryptosystems and Signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Smart, N.: Identity-based authenticated key agreement protocol based on weil pairing. Electron. Lett. 38(13), 630–632 (2002)
Ustaoğlu, B.: Integrating identity-based and certificate-based authenticated key exchange protocols. Int. J. Inf. Secur. 10, 201–212 (2011)
Wang, Y.: Efficient identity-based and authenticated key agreement protocol. Cryptology ePrint Archive, Report 2005/108 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Guo, Y., Zhang, Z. (2012). Authenticated Key Exchange with Entities from Different Settings and Varied Groups. In: Takagi, T., Wang, G., Qin, Z., Jiang, S., Yu, Y. (eds) Provable Security. ProvSec 2012. Lecture Notes in Computer Science, vol 7496. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33272-2_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-33272-2_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33271-5
Online ISBN: 978-3-642-33272-2
eBook Packages: Computer ScienceComputer Science (R0)