Cryptanalysis of Three Certificate-Based Authenticated Key Agreement Protocols and a Secure Construction

Authors

  • Yang Lu
  • Quanling Zhang
  • Jiguo Li
Abstract

Certificate-based cryptography is a relatively new public-key paradigm with very appealing features: it simplifies the certificate management problem of traditional public key cryptography while eliminating the key escrow problem of identity-based cryptography. So far, three authenticated key agreement (AKA) protocols in the certificate-based setting have been proposed in the literature. Unfortunately, none of them is secure under the public key replacement (PKR) attack. In this paper, we first present a security model for certificate-based AKA protocols that covers PKR attacks. We then examine the three existing certificate-based AKA protocols and show a concrete attack against each of them. To overcome the weaknesses of these protocols, we propose a new certificate-based AKA protocol and give a rigorous security proof in the random oracle model. A performance comparison shows that the proposed protocol outperforms all previous certificate-based AKA protocols.

Similar sources

Cryptanalysis on Identity-based Authenticated Key Agreement Protocols from Pairings

Two-party authenticated key agreement protocol is used to authenticate entities and establish session keys in an open network in order to provide secure communications between two parties. Several security attributes are highly desired for such protocols, such as perfect forward secrecy (the corruption of long-term keys of all the entities should not compromise any session key), PKG forward sec...

A Secure and Efficient Key Agreement Protocol Based on Certificateless Cryptography

Almost all the certificateless two-party authenticated key agreement (CTAKA) protocols found in the literature suffer either from serious security problems or from inefficient performance that involves high computational costs. In this paper, we design a secure and efficient CTAKA protocol. Within the proposed CTAKA protocol, the KGC publishes the public keys of the users in a public directory (LDAP ser...

Cryptanalysis of a Three-party Password-based Authenticated Key Exchange Protocol

Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. Due to their significance in building a secure communication channel, a number of key exchange protocols have been suggested over the years for a variety of settings. Recently, Lo et al. proposed a three-party password-based authenticated key exchange (3PAK...

Analysis And Improvement of Pairing-Free Certificate-Less Two-Party Authenticated Key Agreement Protocol For Grid Computing

The predominant grid authentication mechanisms use public key infrastructure (PKI). Nonetheless, certificateless public key cryptography (CL-PKC) has several advantages that seem to align well with the demands of grid computing. Security and efficiency are the main objectives of grid authentication protocols. Unfortunately, certificateless authenticated key agreement protocols rely on the bil...

Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC

Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...

Journal:
  • IACR Cryptology ePrint Archive

Volume: 2015  Issue: 

Pages:  -

Publication date: 2015