Design of Two-Party Authenticated Key Agreement Protocol Based on ECC and Self-Certified Public Keys

Wireless Personal Communications

Abstract

A two-party authenticated key agreement (2PAKA) protocol based on elliptic curve cryptography (ECC) and self-certified public keys (SC-PKC) is proposed in this paper. Several ECC-based 2PAKA protocols built on either a public key infrastructure (PKI) or an identity-based cryptosystem (IBC) have been proposed recently, but each has limitations: the former requires heavy computation and the management of public key certificates (PKCs), while the latter has a private key escrow problem, because every user's private key is generated by a trusted third party, the private key generator (PKG). A malicious PKG can therefore also mount a man-in-the-middle attack, and an authenticated key agreement protocol should be resilient against it. In this paper we propose a 2PAKA protocol using ECC and SC-PKC that removes all of the limitations above. In an SC-PKC, a trusted third party called the system authority (SA) issues the user's public key from the user's identity, signed by the SA, together with a signature that the user generates under his or her own private key; the SA thus certifies the key without ever learning the user's full private key. The proposed scheme is provably secure in the random oracle model under the computational Diffie–Hellman (CDH) assumption. We also formally validate the scheme with the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool, and the simulation results show that it is safe against both active and passive adversaries. In addition, the protocol is computationally efficient and can be considered an alternative to PKI- or IBC-based 2PAKA protocols.
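The abstract names the two ingredients but not the concrete equations, which are in the paywalled paper. The following Python, written as an added illustration for this page rather than taken from the paper, shows how a Schnorr-style self-certified public key in Girault's model works on an elliptic curve and how a two-party key agreement can be built on it: the SA signs (identity, witness) into a partial private key, the user folds in a secret of its own so that the SA holds no escrow, and any peer reconstructs the public key from (identity, witness, SA public key) with no certificate to fetch or verify. The secp256k1 curve, SHA-256, the session-key combination (a + x_A)(b + x_B)G together with abG, and every name and identity string here are assumptions of this example, not the paper's choices; a real deployment would also add key confirmation and a proper key derivation function.

```python
"""Schnorr-style self-certified public keys (Girault's model) on secp256k1 and a
two-party authenticated key agreement built on them.  Illustrative code written
for this page; curve, hash, combination rule and all names are assumptions."""
import hashlib
import secrets

# secp256k1 parameters (assumed curve choice; any prime-order curve would do)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p, q):                      # affine point addition; None is the point at infinity
    if p is None: return q
    if q is None: return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0: return None
    if p == q: lam = 3 * p[0] * p[0] * pow(2 * p[1], -1, P) % P
    else:      lam = (q[1] - p[1]) * pow(q[0] - p[0], -1, P) % P
    x = (lam * lam - p[0] - q[0]) % P
    return (x, (lam * (p[0] - x) - p[1]) % P)

def mul(k, p):                      # double-and-add scalar multiplication
    r = None
    k %= N
    while k:
        if k & 1: r = add(r, p)
        p, k = add(p, p), k >> 1
    return r

def enc(p):                         # uncompressed SEC1 point encoding, used for hashing
    return b"\x04" + p[0].to_bytes(32, "big") + p[1].to_bytes(32, "big")

def h_int(*parts):                  # hash-to-scalar in [1, N-1]
    return int.from_bytes(hashlib.sha256(b"|".join(parts)).digest(), "big") % (N - 1) + 1

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

class SystemAuthority:
    """The SA of a self-certified PKC: it signs (ID, witness) but never sees the
    user's own secret t, so it cannot compute the user's full private key."""
    def __init__(self):
        self.s, self.issued = rand_scalar(), {}
        self.pub = mul(self.s, G)

    def certify(self, ident, V):    # V = t*G is the user's commitment to its secret t
        k = rand_scalar()
        W = add(mul(k, G), V)       # public witness, published alongside ident
        e = h_int(ident, enc(W))
        y = (k + self.s * e) % N    # SA's partial private key for this user
        self.issued[ident] = y      # SA keeps what it handed out (used by the escrow check)
        return W, y

def derive_pub(sa_pub, ident, W):
    """Public key is reconstructed, not looked up: X = W + H(ID, W)*P_SA.
    Since W + e*P_SA = (k + s*e + t)*G = x*G, a forged W yields a key whose
    discrete log nobody knows; that is what replaces the certificate check."""
    return add(W, mul(h_int(ident, enc(W)), sa_pub))

def register(sa, ident):
    t = rand_scalar()
    W, y = sa.certify(ident, mul(t, G))
    x = (y + t) % N                 # full private key: SA's partial key plus user's own t
    if mul(x, G) != derive_pub(sa.pub, ident, W):   # user checks the SA acted honestly
        raise ValueError("witness/partial key do not match SA public key")
    return {"id": ident, "W": W, "x": x}

def session_key(me, eph_priv, peer_id, peer_W, peer_R, sa_pub, transcript):
    X_peer = derive_pub(sa_pub, peer_id, peer_W)                  # implicit authentication
    Z1 = mul((eph_priv + me["x"]) % N, add(peer_R, X_peer))      # (a+x_A)(b+x_B)G
    Z2 = mul(eph_priv, peer_R)                                    # abG: forward secrecy
    return hashlib.sha256(b"|".join(transcript + [enc(Z1), enc(Z2)])).digest()

def run_2paka(sa_pub, alice, bob):
    """Constructed two-message exchange: A->B (ID_A, W_A, R_A), B->A (ID_B, W_B, R_B)."""
    a, b = rand_scalar(), rand_scalar()
    R_A, R_B = mul(a, G), mul(b, G)
    transcript = [alice["id"], enc(alice["W"]), enc(R_A), bob["id"], enc(bob["W"]), enc(R_B)]
    k_a = session_key(alice, a, bob["id"], bob["W"], R_B, sa_pub, transcript)
    k_b = session_key(bob, b, alice["id"], alice["W"], R_A, sa_pub, transcript)
    return k_a, k_b

def escrow_free(sa, user):
    """What the SA holds (y) is not the user's private key (x = y + t)."""
    y = sa.issued[user["id"]]
    return y != user["x"] and mul(y, G) != mul(user["x"], G)

if __name__ == "__main__":
    sa = SystemAuthority()
    alice, bob = register(sa, b"alice@example.org"), register(sa, b"bob@example.org")
    k_a, k_b = run_2paka(sa.pub, alice, bob)
    print("keys agree:", k_a == k_b, "escrow-free:", escrow_free(sa, alice))
```

Running the file reports whether both sides derived the same 32-byte key and that the SA's record differs from the user's private key. The check in register is the one a practitioner should not skip: the user refuses a partial key that does not satisfy x·G = W + H(ID, W)·P_SA, which is how a dishonest SA substituting a witness is detected before the key is ever used.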




Acknowledgments

The work is supported by the Outstanding Potential for Excellence in Research and Academics (OPERA) award, Birla Institute of Technology and Science (BITS) Pilani, Pilani Campus, Rajasthan, India.

Author information

Correspondence to SK Hafizul Islam.

About this article

Cite this article

Islam, S.H., Biswas, G.P. Design of Two-Party Authenticated Key Agreement Protocol Based on ECC and Self-Certified Public Keys. Wireless Pers Commun 82, 2727–2750 (2015). https://doi.org/10.1007/s11277-015-2375-5
