Certificateless Authenticated Two-Party Key Agreement Protocols
Abstract. In their seminal paper on certificateless public key cryptography, Al-Riyami and Paterson (AP) proposed a certificateless authenticated key agreement protocol. Key agreement protocols are one of the fundamental primitives of cryptography, and allow users to establish session keys securely in the presence of an active adversary. AP's protocol essentially requires each party to compute four bilinear pairings. Such operations are computationally expensive and should therefore be used sparingly in key agreement. In this paper, we propose a new certificateless authenticated two-party key agreement protocol that requires each party to compute only two pairings. We analyze the security of the protocol and show that it achieves the desired security attributes. Furthermore, we show that our protocol can be used to establish keys between users of different key generation centers.

Keywords: Certificateless public key cryptography, authenticated key agreement, bilinear map.
1 Introduction
In a public key infrastructure (PKI), certificates provide an assurance of the binding between public keys and the identities that hold the corresponding private keys. However, certificates bring many problems of their own, such as revocation, storage, distribution, and the cost of validation. In 1984, Shamir [7] proposed the notion of identity-based public key cryptography (ID-PKC) to simplify certificate management. The idea of ID-PKC is to let an entity's public key be derived directly from some aspect of its identity, such as a host's IP address or an e-mail address. Thus ID-PKC eliminates the need for certificates altogether. Unfortunately, ID-PKC is not without problems. Identity-based systems rely on a private key generator (PKG) that uses a system-wide master key to generate private keys. Many identity-based schemes therefore inevitably introduce key escrow: the PKG can recover the session key established by any entities for which it has issued private keys. Whether this property is acceptable depends on the application. For instance, in the health care profession it may be a legal requirement to provide an audit trail for every transaction. On the other hand, such an invasion of privacy may make ID-PKC unsuitable for a variety of other applications, such as personal communications.

Certificateless public key cryptography (CL-PKC) [1] was proposed by Al-Riyami and Paterson to alleviate the problems associated with PKI and ID-PKC. It does not require certificates, yet it does not suffer from the key escrow limitation of ID-PKC. For this reason, CL-PKC can be seen as a public key cryptography model intermediate between the two former paradigms. In their seminal paper, Al-Riyami and Paterson (AP) proposed a certificateless authenticated two-party key agreement protocol. Key agreement protocols allow entities to establish session keys securely in the presence of an active adversary.

T.K. Mandt and C.H. Tan. In: M. Okada and I. Satoh (Eds.): ASIAN 2006, LNCS 4435, pp. 37–44, 2007. © Springer-Verlag Berlin Heidelberg 2007