A two-party authenticated key agreement (2PAKA) protocol based on elliptic curve cryptography (ECC) and the self-certified public key (SC-PKC) of the user is proposed in this paper. Although several ECC-based 2PAKA protocols using either a public key infrastructure (PKI) or an identity-based cryptosystem (IBC) have been proposed recently, they suffer from certain limitations. For instance, the former requires heavy computation and management of public key certificates (PKCs), and the latter introduces a private key escrow problem because the private key is generated by a trusted third party, called the private key generator (PKG). Also, a man-in-the-middle attack may be mounted by a malicious PKG, so an authenticated key agreement protocol needs to be resilient against such an attack. In this paper, we propose the design of a 2PAKA protocol using ECC and SC-PKC that removes all the limitations mentioned above. In SC-PKC, a trusted third party, called the system authority (SA), generates the public key of a user from the user identity signed by the SA together with a signature generated by the user with the user's own private key. The proposed scheme is provably secure in the random oracle model under the Computational Diffie–Hellman assumption. Formal security validation of the scheme with the Automated Validation of Internet Security Protocols and Applications (AVISPA) software is also carried out, and the simulation results show that it is safe against both active and passive adversaries. In addition, the protocol is computationally efficient and may be considered an alternative to PKI- or IBC-based 2PAKA protocols.
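The SC-PKC property the abstract relies on (no certificate is exchanged; any party recomputes a user's public key from the identity, a published witness point and the SA's public key, while the SA never learns the user's full private key) is shown below in an added example. It is not the paper's construction: the equations follow the common Girault/Schnorr-style SC-PKC pattern (assumed here, since the abstract does not state the paper's equations), and the curve is the real secp256k1 with the identities "alice" and "bob" constructed for the demo.

```python
"""Illustrative Girault-style self-certified public keys on secp256k1.
Added example; the key-generation equations are an assumption, not the
paper's own protocol. Uses only the standard library."""
import hashlib, secrets

P = 2**256 - 2**32 - 977                     # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0: return None
    if p1 == p2: lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (demo only, not constant-time)."""
    acc = None
    while k:
        if k & 1: acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def h_bind(ident, W):
    """H(ID || W) mod N binds the identity to the witness point W."""
    data = ident.encode() + W[0].to_bytes(32, "big") + W[1].to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sa_keygen():
    s = secrets.randbelow(N - 1) + 1
    return s, ec_mul(s, G)                   # (SA secret, SA public key Q_SA)

def user_keygen(ident, sa_secret):
    """Joint key generation: u stays with the user, SA signs (ID, W)."""
    u = secrets.randbelow(N - 1) + 1          # user's secret contribution
    U = ec_mul(u, G)                          # the only value sent to the SA
    k = secrets.randbelow(N - 1) + 1          # SA's per-user nonce
    W = ec_add(ec_mul(k, G), U)               # witness, published with ID
    r = (k + h_bind(ident, W) * sa_secret) % N  # SA's partial signature
    x = (u + r) % N                           # user's private key; SA never sees u
    return x, W

def derive_pubkey(ident, W, sa_pub):
    """Anyone recomputes the user's public key from ID, W and Q_SA."""
    return ec_add(W, ec_mul(h_bind(ident, W), sa_pub))
```

A changed identity yields a different derived key, so a witness issued for one identity cannot be reused under another without the SA's secret.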
Design of Two-Party Authenticated Key Agreement Protocol Based on ECC and Self-Certified Public Keys
SK Hafizul Islam
G. P. Biswas
Springer US