Abstract
This paper considers identity-based authenticated key agreement (IBAKA) with multiple private key generators (PKGs). In conventional IBAKA scenarios, a single PKG manages all parties in a system, whereas in a multiple PKG setting, several PKGs exist in a system, and each party is given a private key by a PKG who manages the party. IBAKA is expected to maintain security against exposing private information such as static or ephemeral private keys even in a multiple PKG setting. We define a security model for IBAKA with multiple PKGs to achieve this exposure-resilience property. Based on a security notion, we propose a one-round secure protocol under the gap bilinear Diffie–Hellman assumption in the random oracle model. The protocol utilize the NAXOS approach to embed the gap bilinear Diffie–Hellman instance even when both ephemeral private keys are exposed.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
The model should be called the id-BJM model as the BR model is defined for AKA in a symmetric key setting.
- 2.
We found the same protocol in [13].
- 3.
Pairing \(e: \mathbb {G}_{1} \times \mathbb {G}_{2} \rightarrow \mathbb {G}_{T}\) is referred to as symmetric when \(\mathbb {G}_{1} = \mathbb {G}_{2}\) and asymmetric when \(\mathbb {G}_{1} \ne \mathbb {G}_{2}\).
References
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). doi:10.1007/3-540-48329-2_21
Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Denning, D.E., Pyle, R., Ganesan, R., Sandhu, R.S., Ashby, V. (eds.) CCS 1993, pp. 62–73. ACM, New York (1993)
Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997). doi:10.1007/BFb0024447
Boyd, C., Choo, K.-K.R.: Security of two-party identity-based key agreement. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 229–243. Springer, Heidelberg (2005). doi:10.1007/11554868_17
Boyd, C., Cliff, Y., Gonzalez Nieto, J., Paterson, K.G.: Efficient one-round key exchange in the standard model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008). doi:10.1007/978-3-540-70500-0_6. http://eprint.iacr.org/2008/007
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001). doi:10.1007/3-540-44987-6_28
Chen, L., Kudla, C.: Identity based authenticated key agreement protocols from pairings. In: IEEE CSFW 2016, pp. 219–233. IEEE Computer Society, Washington, D.C. (2003). http://eprint.iacr.org/2002/184
Chen, L., Cheng, Z., Smart, N.P.: Identity-based key agreement protocols from pairings. Int. J. Inf. Secur. 6(4), 213–241 (2007)
Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Examining indistinguishability-based proof models for key establishment protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 585–604. Springer, Heidelberg (2005). doi:10.1007/11593447_32
Cremers, C.J.F.: Session-state Reveal is stronger than Ephemeral Key Reveal: attacking the NAXOS authenticated key exchange protocol. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 20–33. Springer, Heidelberg (2009). doi:10.1007/978-3-642-01957-9_2
Cremers, C.J.F.: Examining indistinguishability-based security models for key exchange protocols: the case of CK, CK-HMQV, and eCK. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) CCS 2011, pp. 80–91. ACM, New York (2011)
Farash, M.S., Attari, M.A.: Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC. ISC Int. J. Inf. Secur. 5(1), 55–70 (2013)
Farash, M.S., Attari, M.A.: A pairing-free ID-based key agreement protocol with different PKGs. Int. J. Netw. Secur. 16(2), 143–148 (2014)
Fujioka, A., Hoshino, F., Kobayashi, T., Suzuki, K., Ustaoğlu, B., Yoneyama, K.: id-eCK secure ID-based authenticated key exchange on symmetric pairing and its extension to asymmetric case. IEICE Trans. 96-A(6), 1139–1155 (2013)
Fujioka, A., Suzuki, K.: Sufficient condition for identity-based authenticated key exchange resilient to leakage of secret keys. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 490–509. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31912-9_32
Fujioka, A., Suzuki, K., Ustaoğlu, B.: Ephemeral key leakage resilient and efficient id-akes that can share identities, private and master keys. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 187–205. Springer, Heidelberg (2010). doi:10.1007/978-3-642-17455-1_12
Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Strongly secure authenticated key exchange from factoring, codes, and lattices. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 467–484. Springer, Heidelberg (2012). doi:10.1007/978-3-642-30057-8_28
Huang, H., Cao, Z.: An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem. In: Li, W., Susilo, W., Tupakula, U.K., Safavi-Naini, R., Varadharajan, V. (eds.) ASIACCS 2009, pp. 333–342. ACM, New York (2009)
ISO/IEC 15946–1:2016: Information technology – Security techniques – Cryptographic techniques based on elliptic curves - Part 1: General (2016)
Krawczyk, H.: HMQV: a high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005). doi:10.1007/11535218_33
Kim, S., Lee, H., Oh, H.: Enhanced ID-based authenticated key agreement protocols for a multiple independent PKG environment. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 323–335. Springer, Heidelberg (2005). doi:10.1007/11602897_28
LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007). doi:10.1007/978-3-540-75670-5_1
Lee, H., Kim, D., Kim, S., Oh, H.: Identity-based key agreement protocols in a multiple PKG environment. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3483, pp. 877–886. Springer, Heidelberg (2005). doi:10.1007/11424925_92
McCullagh, N., Barreto, P.S.L.M.: A new two-party identity-based authenticated key agreement. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 262–274. Springer, Heidelberg (2005). doi:10.1007/978-3-540-30574-3_18
Mishra, D., Mukhopadhyay, S.: Cryptanalysis of pairing-free identity-based authenticated key agreement protocols. In: Bagchi, A., Ray, I. (eds.) ICISS 2013. LNCS, vol. 8303, pp. 247–254. Springer, Heidelberg (2013). doi:10.1007/978-3-642-45204-8_19
Oh, J., Moon, S.-J., Ma, J.: An attack on the identity-based key agreement protocols in multiple PKG environment. IEICE Trans. 89-A(3), 826–829 (2006)
Vallent, T.F., Yoon, E.-J., Kim, H.: An escrow-free two-party identity-based key agreement protocol without using pairings for distinct PKGs. IEEK Trans. Smart Process. Comput. 2(3), 168–175 (2013)
Xie, G.: Cryptanalysis of Noel McCullagh and Paulo S.L.M. Barreto’s two-party identity-based key agreement. IACR Cryptology ePrint Archive. Report 2004/308 (2004). http://eprint.iacr.org/2004/308
Zhong, Y., Ma, J.: A highly secure identity-based authenticated key-exchange protocol for satellite communication. J. Commun. Netw. 12(6), 592–599 (2010)
Acknowledgments
The author would like to thank Tsunekazu Saito, Koutarou Suzuki, and Tetsutaro Kobayashi for discussing problems in the multiple private key generator scenario. The author also would like to thank the anonymous reviewers for their comments and suggestions that helped me to improve this paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Fujioka, A. (2017). One-Round Exposure-Resilient Identity-Based Authenticated Key Agreement with Multiple Private Key Generators. In: Phan, RW., Yung, M. (eds) Paradigms in Cryptology – Mycrypt 2016. Malicious and Exploratory Cryptology. Mycrypt 2016. Lecture Notes in Computer Science(), vol 10311. Springer, Cham. https://doi.org/10.1007/978-3-319-61273-7_21
Download citation
DOI: https://doi.org/10.1007/978-3-319-61273-7_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-61272-0
Online ISBN: 978-3-319-61273-7
eBook Packages: Computer ScienceComputer Science (R0)