Cryptanalysis of Three Certificate-Based Authenticated Key Agreement Protocols and a Secure Construction
نویسندگان
چکیده
Certificate-based cryptography is a new public-key cryptographic paradigm that has very appealing features, namely it simplifies the certificate management problem in traditional public key cryptography while eliminating the key escrow problem in identity-based cryptography. So far, three authenticated key agreement (AKA) protocols in the setting of certificate-based cryptography have been proposed in the literature. Unfortunately, none of them are secure under the public key replacement (PKR) attack. In this paper, we first present a security model for certificate-based AKA protocols that covers the PKR attacks. We then explore the existing three certificate-based AKA protocols and show the concrete attacks against them respectively. To overcome the weaknesses in these protocols, we propose a new certificate-based AKA protocol and prove its security strictly in the random oracle model. Performance comparison shows that the proposed protocol outperforms all the previous certificate-based AKA protocols.
منابع مشابه
Cryptanalysis on Identity-based Authenticated Key Agreement Protocols from Pairings
Two-party authenticated key agreement protocol is used to authenticate entities and establish session keys in an open network in order to provide secure communications between two parties. Several security attributes are highly desired for such protocols, such as perfect forward secrecy (the corruption of long-term keys of all the entities should not compromise any session key), PKG forward sec...
متن کاملA Secure and Efficient Key Agreement Protocol Based on Certificateless Cryptography
Almost all the certificateless two-party authenticated key agreement (CTAKA) protocols found in the literature, suffer either serious security problems or inefficient performance that involves high computational costs. In this paper, we design a secure and efficient CTAKA protocol. Within the proposed CTAKA protocol, the KGC publishes the public keys of the users in a public directory (LDAP ser...
متن کاملCryptanalysis of a Three-party Password-based Authenticated Key Exchange Protocol
Key exchange protocols allow two or more parties communicating over a public network to establish a common secret key called a session key. Due to their significance in building a secure communication channel, a number of key exchange protocols have been suggested over the years for a variety of settings. Recently, Lo et al. proposed a three-party password-based authenticated key exchange (3PAK...
متن کاملAnalysis And Improvement of Pairing-Free Certificate-Less Two-Party Authenticated Key Agreement Protocol For Grid Computing
The predominant grid authentication mechanisms use public key infrastructure (PKI). Nonetheless, certificate-less public key cryptography (CL-PKC) has several advantages that seem to well align with the demands of grid computing. Security and efficiency are the main objectives of grid authentication protocols. Unfortunately, certificate-less authenticated key agreement protocols rely on the bil...
متن کاملProvably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2015 شماره
صفحات -
تاریخ انتشار 2015