Skip to main content

CMQV+: An authenticated key exchange protocol from CMQV


Ustaoglu presents a secure and efficient key exchange protocol named CMQV, based on the design rationales of HMQV and NAXOS. Compared with the latter two protocols, on one hand, CMQV achieves high performance of HMQV, and on the other, it is proven secure in eCK model as NAXOS is. However, CMQV enjoys the security proof under gap Diffie-Hellman assumption as indicated by its creators. In this paper, we propose a variant of CMQV, called CMQV+, which is proven secure under a weaker assumption (i.e. computational Diffie-Hellman assumption) in eCK model with random oracles while maintaining the high-performance feature of CMQV as much as possible.

This is a preview of subscription content, access via your institution.


  1. Diffie W, Hellman M. New direction in cryptography. IEEE Trans Inf Theory, 1976, 31: 469–472

    MathSciNet  Google Scholar 

  2. Menezes A, Qu M, Vanstone S. Some new key agreement protocols providing mutual implicit authentication. In: Second Workshop on Selected Areas in Cryptography (SAC 95). Berlin: Springer, 1995. 22–32

    Google Scholar 

  3. Law L, Menezes A, Qu M, et al. An efficient protoocl for authenticated key agreement. Des Codes Cryptography, 2003, 28: 119–134

    MathSciNet  MATH  Article  Google Scholar 

  4. Krawczyk H. HMQV: A high-performance secure Diffie-Hellman protocol. In: Proceedings of 25th Annual International Cryptology Conference CRYPTO 2005. Berlin: Springer, 2005. 546–566

    Google Scholar 

  5. LaMacchia B, Lauter K, Mityagin A. Stronger security of authenticated key exchange. In: Proceedings of First International Conference ProvSec 2007. Berlin: Springer, 2007. 1–16

    Google Scholar 

  6. NIST. Skipjack and KEA Algorithm Specification. Version 2.0., 1998

  7. Lauter K, Mityagin A. Security analysis of KEA authenticated key exchange protocol. In: Proceedings of 9th International Conference on Theory and Practice in Public-Key Cryptography. Berlin: Springer, 2006. 378–394

    Google Scholar 

  8. ANSI. Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography. X9.42-2000. 1999

  9. ANSI. Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography. X9.63-2001. 2001

  10. IEEE. IEEE Standard Specifications for Public-Key Cryptography. IEEE Std 1363-2000. IEEE Comput Soc. 2000

  11. ISO, IEC. Information Technology-Security Techniques-Cryptographic Techniques based on Elliptic Curves: Part 3-Key Establishment. ISO/IEC 15946-3. 2002

  12. NIST. NIST Special Publication 800-56 (DRAFT): Recommendation on Key Establishment Schemes. Draft 2. 2003

  13. Kaliski B. An unknown key-share attack on the MQV key agreement protocol. ACM Trans Inf Syst Security (TISSEC), 2001, 4: 275–288

    Article  Google Scholar 

  14. Canetti R, Krawczyk H. Analysis of key-exchange protocols and their use for building secure channels. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques EuroCRYPT 2001. Berlin: Springer, 2011. 453–474

    Google Scholar 

  15. Bellare M, Rogaway P. Entity authentication and key distribution. In: Proceedings of 13th Annual International Cryptology Conference Crypto’93. Berlin: Springer, 1994. 232–249

    Google Scholar 

  16. Bellare M, Canetti R, Krawczyk H. A modular approach to the design and analysis of authentication and key exchange protocol. In: Proceedings of the 30th annual ACM symposium on Theory of computing STOC’98. Dallas: ACM Press, 1998. 419–428

    Google Scholar 

  17. Ustaoglu B. Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Des Codes Cryptography, 2008, 46: 329–342

    MathSciNet  Article  Google Scholar 

  18. Okamoto T. Authenticated key exchange and key encapsulation in the standard model. In: Proceedings of 13th International Conference on the Theory and Application of Cryptology and Information Security ASIACRYPT 2007. Berlin: Springer, 2007. 474–484

    Google Scholar 

  19. Lee J, Park J H. Authenticated key exchange secure under the computational Diffie-Hellman assumption. Cryptology ePrint Archive, Report 2008, 344.

  20. Huang H, Cao Z. Strongly secure authenticated key exchange protocol based on computational Diffie-Hellman problem. Cryptology ePrint Archive, Report 2008, 500.

  21. Huang H, Cao Z. An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem. In: Proceedings of the 4th International Symposium on Information, Computer and Communications Security ASIACCS’09. Sydney: ACM Press, 2009. 333–342

    Google Scholar 

  22. Cash D, Kiltz E, Shoup V. The twin diffie-hellman problem and applications. In: Proceedings of 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques EuroCRYPT 2008. Berlin: Springer, 2008. 127–145

    Google Scholar 

  23. Pointcheval D, Stern J. Security arguments for digital signatures and blind signatures. J Cryptology, 2000, 13: 361–396

    MATH  Article  Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Hui Li.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Li, H., Wu, C. CMQV+: An authenticated key exchange protocol from CMQV. Sci. China Inf. Sci. 55, 1666–1674 (2012).

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI:


  • key exchange
  • eCK model
  • trapdoor-test technique
  • provable security
  • CDH assumption