Wuping Chen,Lei Zhang,Bo Qin,Qianhong Wu,Huanguo Zhang

DOI: https://doi.org/10.1109/ias.2009.183

2009-01-01

Abstract:Key agreement is one of the fundamental cryptographic primitives in public key cryptography. It plays an important role for securing systems in practice. In this paper, we present the first certificateless. One-Way authenticated Two-Party key agreement protocol. The security of the proposed protocol is analyzed based on the intractability of the standard discrete logarithm (DL) and bilinear Diffie-Hellman (BDH) problems. For efficiency, our protocol enjoys low complexity in both communication and computation.

Hu Xiong,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.mcm.2011.10.001

2012-01-01

Mathematical and Computer Modelling

Abstract:Authenticated key agreement (AKA) protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities over an open network. Recently, in order to circumvent the key escrow problem inherent to ID-based cryptography and the certificate management burden in traditional public key infrastructure, the notion of certificateless public key cryptography (CL-PKC) was introduced. In this paper, we first present a security model for certificateless AKA protocols for three parties, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie–Hellman problem in the random oracle model.

Jianbin Hu,Hu Xiong,Zhi Guan,Cong Tang,Yonggang Wang,Wei Xin,Zhong Chen

DOI: https://doi.org/10.1109/ISPAW.2011.15

2011-01-01

Abstract:Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Recently, the notion of certificateless public key cryptography was introduced to mitigate the heavy certificate management burden in traditional public key infrastructure and key escrow problem in ID-based cryptosystem. In this paper, we present an efficient certificateless three-party authenticated key agreement protocol based on certificateless signature scheme. We show that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Yang ZHANG,Chaoyang LI,Xiangjun XIN,Fagen LI

DOI: https://doi.org/10.16186/j.cnki.1673-9787.2017.05.015

2017-01-01

Abstract:In order to improve the security and efficiency of the key agreement protocol,a secure one-pass and two-party authenticated key agreement protocol is proposed.In this protocol,a certificateless digital signature is sent to the receiver,in which the sender's public key,identification number,time stamp,and other identifiable information are signed.Then,the receiver verifies the variety of the digital signature.The session key is built by using the Diffie-Hellman key agreement protocol.The new protocol can be proved to be secure in random oracle model;it can also satisfy the properties of known session key secrecy,forward secrecy,uncontrollability of the session key and key compromise impersonation resilience.

Hu Xiong,Zhong Chen,Zhiguang Qin

DOI: https://doi.org/10.1080/00207160.2011.568613

IF: 1.75

2011-01-01

International Journal of Computer Mathematics

Abstract:Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Key agreement can be achieved using a public key infrastructure or identity-based cryptography. However, the former suffers from a heavy certificate management burden, while the latter is subject to the so-called key escrow problem. Recently, the notion of certificateless public key cryptography (CL-PKC) was introduced to mitigate these limitations. In this paper, we introduce the notion of three-party authenticated key agreement into CL-PKC and propose a concrete certificateless three-party authenticated key agreement protocol. We show that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Haomin Yang,Yaoxue Zhang,Yuezhi Zhou

DOI: https://doi.org/10.1109/wicom.2012.6478268

2012-01-01

Abstract:Certificateless public key cryptography has appealing features, namely it does not require the use of certificates and yet does not have a private key escrow property. In this paper, we propose a certificateless challenge-response signature scheme from bilinear pairings and a dual version of it, and prove these schemes secure under the bilinear Diffie-Hellman assumption in the random oracle model. Using the signatures as blocking blocks, we propose a certificateless two-party key agreement protocol. The proposed key agreement protocol preserves the desirable security properties. The protocol requires each party to compute one pairing operation, three scalar multiplications and no modular exponentiation. Compared with the other related protocols, the protocol has advantages in both security and computational efficiency.

Lei Zhang,Futai Zhang,Qianhong Wu,Josep Domingo-Ferrer

DOI: https://doi.org/10.1016/j.ins.2009.11.036

IF: 8.1

2010-01-01

Information Sciences

Abstract:Key agreement (KA) allows two or more users to negotiate a secret session key among them over an open network. Authenticated key agreement (AKA) is a KA protocol enhanced to prevent active attacks. AKA can be achieved using a public-key infrastructure (PKI) or identity-based cryptography. However, the former suffers from a heavy certificate management burden while the latter is subject to the so-called key escrow problem. Recently, certificateless cryptography was introduced to mitigate these limitations. In this paper, we first propose a security model for AKA protocols using certificateless cryptography. Following this model, we then propose a simulatable certificateless two-party AKA protocol. Security is proven under the standard computational Diffie–Hellman (CDH) and bilinear Diffie–Hellman (BDH) assumptions. Our protocol is efficient and practical, because it requires only one pairing operation and five multiplications by each party.

Yuezhi Zhou

2012-01-01

Abstract:Certificateless public key cryptography has appealing features,namely it does not require the use of certificates and does not have a private key escrow feature.This paper describes a certificateless key agreement protocol based on bilinear pairings.The identity authentication in the protocol depends on a digital signature scheme.This paper proves the security of the signature scheme.The results show that in the random oracle model with the discrete logarithm assumption,the signature scheme resists existential forgeries against adaptive chosen-message attacks.The results farther show that the protocol preserves the desired security properties,including known-key security,unknown key-share resilience,perfect forward secrecy,key-compromise impersonation resilience and leakage of ephemeral private key resilience.The protocol requires much lower computation overhead than related protocols,since it uses fewer bilinear pairing operations and no modular exponentiation.

Hu Xiong,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.jnca.2012.10.001

IF: 7.574

2013-01-01

Journal of Network and Computer Applications

Abstract:Key agreement allows multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In the recent years, several identity-based (ID-based) authenticated key agreement protocols have been proposed and most of them broken. In this paper, we formalize the security model of ID-based authenticated tripartite key agreement protocol and propose a provably secure ID-based authenticated key agreement protocol for three parties with formal security proof under the computational Diffie-Hellman assumption. Experimental results by using the AVISPA tool show that the proposed protocol is secure against various malicious attacks.

Huihua Zhou,Tianjiang Wang,Minghui Zheng

DOI: https://doi.org/10.1007/978-94-007-2105-0_21

2011-01-01

Abstract:This paper considers the issue on authenticated two-party key agreement protocol over an insecure public network. Many authenticated key agreement protocols have been proposed to meet the challenges. However, existing protocols are either limited by the use of public key infrastructure or by their security, suffering dictionary attack. To overcome these disadvantages, we propose an efficient two-party password-based key agreement protocol resistant to the dictionary attacks by adding password-authentication services. Under the Computation Gap Diffie-Hellman assumption, we will show the proposed protocol is provably secure in both the ideal-cipher model and the random-oracle model.

Shi Yijuan,Li Jianhua

DOI: https://doi.org/10.1007/s11859-006-0194-y

2007-01-01

Wuhan University Journal of Natural Sciences

Abstract:Certificateless public key cryptography was introduced to overcome the key escrow limitation of the identity-based cryptography. It combines the advantages of the identity-based cryptography and the traditional PKI. Many certificateless public key encryption and signature schemes have been proposed. However, the key agreement in CL-PKE is seldom discussed. In this paper, we present a new certificateless two party authentication key agreement protocol and prove its security attributes. Compared with the existing protocol, our protocol is more efficient.

Na Li,Yun-wei Dong,Yu-Chen Zhang,Tian-Wei Che

DOI: https://doi.org/10.14257/ijsia.2015.9.12.09

2015-01-01

International Journal of Security and Its Applications

Abstract:An enhanced security certificateless key agreement scheme is designed in this paper. System building and the generation of user key and key distribution are described in detail. The analysis result of security and performance indicate that this protocol is highly secure and the performance is better than other similar protocols.

Haomin Yang,Yaoxue Zhang,Yuezhi Zhou

DOI: https://doi.org/10.1109/ICCT.2012.6511182

2017-01-01

Abstract:Recently, Mokhtarnameh, Ho, Muthuvelu proposed a certificateless key agreement protocol. In this paper, we show that their protocol is unsecured against a man-in-the-middle attack. In addition, the authors claimed that their scheme provides a binding long-term public key with a corresponding partial private key. In fact, their protocol does not achieve the binding. We propose an improved key agreement protocol based on the protocol proposed by Mokhtarnameh et al. The improved protocol can resist the man-in-the-middle attack as well as satisfy the desired security properties for key agreement. It truly achieves the one-to-one correspondence between the long-term public key and the partial private key of a user. Compared with the other related protocols, the protocol has advantages in both security and computational efficiency.

ShengBao Wang,Zhenfu Cao,Xiaolei Dong

2006-01-01

Journal of Information and Computational Science

Abstract:Authenticated key agreement is a central piece for building secure communications, and perhaps the most commonly used cryptographic protocol. In this paper, an efficient two-party certificateless authenticated key agreement protocol is proposed, which is based on one of the MTI key agreement protocols: the MTI/CO protocol. Our protocol also uses bilinear pairings on certain elliptic curves. After a comparison with the former counterpart, we show that the newly proposed key agreement protocol is of great efficiency and more practical. Furthermore, the security properties of the new protocol are studied using heuristic approaches.

CL Lin,HA Wen,T Hwang,HM Sun

2004-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:We will propose a key-agreement-type three-party password-authenticated key exchange protocol. The proposed protocol is quite efficient and, among the same type of protocols, is the first to be formally proven to be secure. A three-party formal model for security proof is proposed based on [25] and [26]. We construct a simulator in this model to show that our proposed protocol is secure under reasonable and well-defined cryptographic primitives.

HaoMin Yang,Yaoxue Zhang,Yuezhi Zhou

2012-01-01

Abstract:To solve the problem of existing eCK-secure identity-based two-party authenticated key agreement protocols that only provide weak forward secrecy, a protocol with perfect forward secrecy is proposed. The identity authentication in the protocol depends on a digital signature scheme. The security of the proposed protocol is proved using a sequence-of-games approach. The proof results show that: in the random oracle model and under the bilinear Diffie-Hellman(BDH) assumption, the protocol is secure in the eCK security model; compared with the existing protocols which are not eCK-secure, the proposed protocol has an advantage in terms of security; compared with the other eCK secure protocols, the proposed protocol provides perfect forward secrecy, and the other protocols only provide weak forward secrecy.

LIU Wen-hao,XU Chun-xiang

DOI: https://doi.org/10.3969/j.issn.1001-3695.2010.11.078

2010-01-01

Abstract:A few of certificateless key agreement schemes have been proposed in recent years,all of them need pairing operations,what's more,most of them are vulnerable to the key compromise impersonation attack and resistance to leakage of ephemeral keys.The provably secure certificateless key agreement protocol was proposed by Lippold in 2009,but their protocol suffered from computation burden.In order to solve the above-mentioned problem,this paper proposed a new pairing-free certificateless two party key agreement scheme (CL-KA) and presened its security properties.The new scheme was secure as long as each party had at least one uncompromised secret.Thus,the new scheme was secure even if the key generation centre learned the ephemeral secrets of both parties.The new scheme achieves efficiency in computational cost when compared with Lippold's protocol.

Debiao He,Jianhua Chen,Jin Hu

DOI: https://doi.org/10.1002/dac.1265

2011-01-01

International Journal of Communication Systems

Abstract:SUMMARYMany certificateless two‐party authenticated key agreement schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over elliptic curve group In order to improve the performance we propose a certificateless two‐party authenticated key agreement scheme without bilinear pairings in this paper. A security proof under random oracle model is also provided. Copyright © 2011 John Wiley & Sons, Ltd.

Debiao He,Yitao Chen,Jianhua Chen,Rui Zhang,Weiwei Han

DOI: https://doi.org/10.1016/j.mcm.2011.08.004

2011-01-01

Abstract:Certificateless public key cryptography (CLPKC), which can simplify the complex certificate management in the traditional public key cryptography and resolve the key escrow problem in identity-based cryptography, has been widely studied. As an important part of CLPKC, certificateless two-party authenticated key agreement (CTAKA) protocols have also received considerable attention. Recently, many CTAKA protocols using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over elliptic curve group. To improve the performance, several CTAKA protocols without pairings have been proposed. In this paper, we will show a latest CTAKA protocol is not secure against a type 1 adversary. To improve the security and performance, we also propose a new CTAKA protocol without pairing. At last, we show the proposed protocol is secure under the random oracle model.

WANG Sheng-Bao,Zhenfu Cao,DONG Xiao-Lei

2007-01-01

Chinese Journal of Computers

Abstract:This paper presents an identity-based key agreement protocols that are provably secure without random oracles(namely,in the standard model).It is inspired by a new identity-based encryption scheme first proposed by Gentry.This paper details how this key agreement can be used in either escrowed or escrowless mode.All the proposed protocols are compared performance(with respect to computational and communication efficiencies) to all known protocols that are only proven secure in the random oracle model.