International Journal of Information Security, Volume 10, Issue 4, pp 201–212

Integrating identity-based and certificate-based authenticated key exchange protocols

  • Berkant Ustaoğlu
Regular Contribution


Key establishment is becoming a widely deployed cryptographic primitive. As such, there has been extensive research on designing algorithms that produce shared secret keys. These protocols require parties either to hold certificates or to rely on identity (ID)-based primitives to achieve authentication. Chain and cross certification allow users who trust different certification authorities to interact. Similarly, there are methods to extend ID-based solutions across multiple key generation centers (KGCs). However, there has been no dedicated work on interoperability between the two settings. A straightforward solution would require each user to maintain certificates and ID-based static keys to accommodate all peers. The cost of maintaining many secret keys, matching keys with protocols, and preventing undesired interference would arguably make such a solution impractical. In this work, we offer an alternative where a user needs to keep a single static key pair and can subsequently engage in session key establishment with peers holding certificates or identity-based keys. Thus, the proposed solution has none of the disadvantages of maintaining multiple static private keys.


Keywords: Authenticated key establishment; Certificate-based protocols; ID-based protocols; Shared static state; ID-PKI integration





Copyright information

© Springer-Verlag 2011

Authors and Affiliations

  1. NTT Information Sharing Platform Laboratories, Tokyo, Japan
