Provably secure and efficient identity-based key agreement protocol for independent PKGs using ECC

Document Type: ORIGINAL RESEARCH PAPER

Authors

sabzinejad@tmu.ac.ir

Abstract

Key agreement protocols are essential for secure communication in open and distributed environments. Identity-based key agreement protocols have recently received increasing attention because they simplify public key management. The basic idea of an identity-based cryptosystem is that a user's public key is the user's identity (an arbitrary string), and the corresponding private key is generated by a trusted Private Key Generator (PKG). However, it is unrealistic to assume that a single PKG will issue private keys to the members of different organizations or of a large-scale nation. Hence, environments with multiple PKGs that use different system parameters must be considered. In this paper, we propose an identity-based key agreement protocol, built on elliptic curves, for users of different networks whose PKGs are independent. We prove the security of the proposed protocol in the random oracle model and show that it satisfies all the required security attributes. We also compare our protocol with related protocols in terms of communication cost and execution time. The results show that the execution time of our protocol is less than 10% of that of the competing protocols, and its communication cost is about 50% of theirs.
