Abstract
One advantage of identity-based (ID-based) primitives is the reduced overhead of maintaining multiple static key pairs and the corresponding certificates. However, should a party wish to participate in more than one protocol with the same identity (ID), say an email address, the party has to share state between distinct primitives, which is contrary to the conventional key separation principle. It is therefore desirable to consider the security of protocols when a public identity and the corresponding private key are used in different protocols.
We focus on authenticated key exchange (AKE) and propose a pair of two-party ID-based authenticated key exchange protocols (ID-AKE) that remain secure even if parties use the same IDs, private keys and master keys to engage in either protocol. To our knowledge, the only ID-AKE protocol formally shown to be resilient to ephemeral key leakage is due to Huang and Cao (the HC protocol), where a party's static key consists of two group elements. Our proposed protocols provide similar assurances while requiring a single group element for both static and ephemeral keys, and in that sense are optimal. From an efficiency perspective, they require the same number of pairing computations as the HC protocol. The security of all these protocols is established in the random oracle model.
References
Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994); Full version available at http://www.cs.ucdavis.edu/~rogaway/papers/eakd-abstract.html
Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boyd, C., Choo, K.-K.R.: Security of two-party identity-based key agreement. In: Dawson, E., Vaudenay, S. (eds.) MYCRYPT 2005. LNCS, vol. 3715, pp. 229–243. Springer, Heidelberg (2005)
Boyd, C., Cliff, Y., González Nieto, J.M., Paterson, K.: Efficient one-round key exchange in the standard model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008); Full version available at http://eprint.iacr.org/2008/007/
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001); Full version available at http://eprint.iacr.org/2001/040/
Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)
Chatterjee, S., Hankerson, D., Knapp, E., Menezes, A.: Comparing two pairing-based aggregate signature schemes. Designs, Codes and Cryptography 55(2), 141–167 (2010)
Chatterjee, S., Menezes, A., Ustaoğlu, B.: Reusing static keys in key agreement protocols. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 39–56. Springer, Heidelberg (2009)
Chen, L., Cheng, Z., Smart, N.P.: Identity-based key agreement protocols from pairings. International Journal of Information Security 6(4), 213–241 (2007)
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
González Vasco, M.I., Hess, F., Steinwandt, R.: Combined (identity-based) public key schemes. Cryptology ePrint Archive, Report 2008/466 (2008), http://eprint.iacr.org/2008/466
Hankerson, D., Menezes, A., Scott, M.: Software implementation of pairings. In: Joye, M., Neven, G. (eds.) Identity-Based Cryptography. Cryptology and Information Security, vol. 2, ch. XII, pp. 188–206. IOS Press, Amsterdam (2008)
Huang, H., Cao, Z.: An ID-based authenticated key exchange protocol based on the bilinear Diffie-Hellman problem. In: Safavi-Naini, R., Varadharajan, V. (eds.) ASIACCS 2009: Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, New York, NY, USA, pp. 333–342 (2009)
Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Christianson, B., Crispo, B., Lomas, M., Roe, M. (eds.) SP 1997. LNCS, vol. 1361, pp. 91–104. Springer, Heidelberg (1998)
Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: Cramer, R. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)
LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)
Menezes, A., Ustaoğlu, B.: Comparing the pre- and post-specified peer models for key agreement. International Journal of Applied Cryptography (IJACT) 1(3), 236–250 (2009)
Menezes, A.J., Okamoto, T., Vanstone, S.A.: Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Transactions on Information Theory 39(5), 1639–1646 (1993)
National Institute of Standards and Technology (NIST): Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (March 2007), http://csrc.nist.gov/publications/PubsSPs.html
Okamoto, E., Tanaka, K.: Key distribution system based on identification information. IEEE Journal on Selected Areas in Communications 7(4), 481–485 (1989)
Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairings. In: The 2000 Symposium on Cryptography and Information Security (2000)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1984)
Smart, N.P.: Identity-based authenticated key agreement protocol based on Weil pairing. Electronics Letters 38(13), 630–632 (2002)
Ustaoğlu, B.: Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman protocols. In: Pieprzyk, J., Zhang, F. (eds.) ProvSec 2009. LNCS, vol. 5848, pp. 183–197. Springer, Heidelberg (2009)
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Fujioka, A., Suzuki, K., Ustaoğlu, B. (2010). Ephemeral Key Leakage Resilient and Efficient ID-AKEs That Can Share Identities, Private and Master Keys. In: Joye, M., Miyaji, A., Otsuka, A. (eds) Pairing-Based Cryptography - Pairing 2010. Pairing 2010. Lecture Notes in Computer Science, vol 6487. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17455-1_12
DOI: https://doi.org/10.1007/978-3-642-17455-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17454-4
Online ISBN: 978-3-642-17455-1
eBook Packages: Computer Science (R0)