Identity-based key agreement protocols from pairings

  • Regular Contribution
  • International Journal of Information Security

Abstract

In recent years, a large number of identity-based key agreement protocols from pairings have been proposed. Some of them are elegant and practical. However, the security of this type of protocol has been surprisingly hard to prove, even in the random oracle model. The main issue is that a simulator is not able to deal with reveal queries, because it requires solving either a computational problem or a decisional problem, both of which are generally believed to be hard (i.e., computationally infeasible). The best solution so far for security proofs uses the gap assumption, which means assuming that the existence of a decisional oracle does not change the hardness of the corresponding computational problem. The disadvantage of using this solution to prove security is that such decisional oracles, on which the security proof relies, cannot be performed by any polynomial time algorithm in the real world, because of the hardness of the decisional problem. In this paper we present a method incorporating a built-in decisional function into the protocols. The function transfers a hard decisional problem in the proof to an easy decisional problem. We then discuss the resulting efficiency of the schemes and the relevant security reductions, in the random oracle model, in the context of different pairings one can use. We pay particular attention, unlike most other papers in the area, to the issues which arise when using asymmetric pairings.

Author information

Corresponding author

Correspondence to N. P. Smart.

Cite this article

Chen, L., Cheng, Z. & Smart, N.P. Identity-based key agreement protocols from pairings. Int. J. Inf. Secur. 6, 213–241 (2007). https://doi.org/10.1007/s10207-006-0011-9
