A Study of Two-Party Certificateless Authenticated Key-Agreement Protocols

@inproceedings{Swanson2009ASO,
  title={A Study of Two-Party Certificateless Authenticated Key-Agreement Protocols},
  author={Colleen Swanson and David Jao},
  booktitle={INDOCRYPT},
  year={2009}
}
We survey the set of all prior two-party certificateless key agreement protocols available in the literature at the time of this work. We find that all of the protocols exhibit vulnerabilities of varying severity, ranging from lack of resistance to leakage of ephemeral keys up to (in one case) a man-in-the-middle attack. Many of the protocols admit key-compromise impersonation attacks despite claiming security against such attacks. In order to describe our results rigorously, we introduce the… 

Certificateless one-pass and two-party authenticated key agreement protocol and its extensions

  • Lei Zhang
  • Computer Science, Mathematics
    Inf. Sci.
  • 2015

Efficient three-party authenticated key agreement protocol in certificateless cryptography

This paper proposes a concrete certificateless three-party authenticated key agreement protocol and shows that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Cryptanalysis and improvement of two certificateless three-party authenticated key agreement protocols

Improved protocols are proposed to make up two original protocols' security weaknesses, respectively, and security analysis shows that the improved protocols can remove such security weaknesses.

Yet Another Certificateless Three-Party Authenticated Key Agreement Protocol

  • Jian-bin HuH. Xiong Zhong Chen
  • Computer Science, Mathematics
    2011 IEEE Ninth International Symposium on Parallel and Distributed Processing with Applications Workshops
  • 2011
This paper presents an efficient certificateless three-party authenticated key agreement protocol based on certificateless signature scheme and shows that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Certificateless Two Party Key Agreement Protocol

  • Liu WenhaoX. ChunxiangXu Jian
  • Computer Science, Mathematics
    2010 International Conference on Multimedia Information Networking and Security
  • 2010
The proposed certificateless two party key agreement protocol (CL-KA) is the most efficient one of all the previously known security CL-KA schemes and the security attributes are analyzed in the extended Canetti-Krawzcyk(eCK) security model.

Provably Secure Certificateless One-Way and Two-Party Authenticated Key Agreement Protocol

  • Lei Zhang
  • Computer Science, Mathematics
    ICISC
  • 2012
This paper proposes a concrete certificateless one-way and two-party authenticated key agreement protocol that requires only one pass and has low communication overhead.

A Two-Party Certificateless Authenticated Key Agreement Protocol with Provable Security

A two-party certificateless authenticated key agreement scheme which has proven to be secure in the random oracle model and has higher efficiency than several other strongly secure key agreement protocols.

Impersonation attack on CertificateLess key agreement protocol

The security flaw of Kim et al.'s CTAKA protocol is described, which is found vulnerable against Key-Compromise Impersonation (K-CI) attack.

References

SHOWING 1-10 OF 28 REFERENCES

Security in Key Agreement: Two-Party Certificateless Schemes

A possible extension of the existing extended Canetti-Krawzcyk security model applicable to the certificateless setting and attempts to formalize a relevant notion of security in two-party key agreement protocols in the public-key setting.

Key-Compromise Impersonation Attacks on Some Certificateless Key Agreement Protocols and Two Improved Protocols

  • Gao MengZhang Futai
  • Computer Science, Mathematics
    2009 First International Workshop on Education Technology and Computer Science
  • 2009
It is shown that some existing certificateless key agreement protocols do not satisfy the requirements of key-compromise impersonation security and known session-specific temporary information security and two improved certificateless authenticated two-party key agreements are presented.

Strongly Secure Certificateless Key Agreement

This work provides the first one-round CL-AKE scheme proven secure in the random oracle model, and introduces two variants of the Diffie-Hellman trapdoor.

Certificateless Authenticated Two-Party Key Agreement Protocols

This paper proposes a new certificateless authenticated two-party key agreement protocol that only requires each party to compute two pairings, and analyzes the security of the protocol and shows that it achieves the desired security attributes.

Security arguments for the UM key agreement protocol in the NIST SP 800-56A standard

This paper presents a strengthening of the Canetti-Krawczyk security definition for key agreement that captures resistance to all important attacks that have been identified in the literature with the exception of key-compromise impersonation attacks, and presents a reductionist security proof that the UM protocol satisfies this new definition in the random oracle model under the Gap Diffie-Hellman assumption.

Stronger Security of Authenticated Key Exchange

This work extends the Canetti-Krawczyk model for AKE security by providing significantly greater powers to the adversary and introduces a new AKE protocol called NAXOS to prove that it is secure against these stronger adversaries.

Two-party authenticated key agreement in certificateless public key cryptography

  • Y. ShiJianhua Li
  • Computer Science, Mathematics
    Wuhan University Journal of Natural Sciences
  • 2006
This paper presents a new certificateless two party authentication key agreement protocol and proves its security attributes and is more efficient than the existing protocol.

Two-party authenticated key agreement in certificateless public key cryptography

This paper presents a new certificateless two party authentication key agreement protocol and proves its security attributes and is more efficient than the existing protocol.

Escrow-free certificate-based authenticated key agreement protocol from pairings

  • Shengbao WangZ. Cao
  • Computer Science, Mathematics
    Wuhan University Journal of Natural Sciences
  • 2006
To solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (CB-AK) protocol with perfect forward secrecy is proposed, which makes use of pairings on elliptic curves.

Efficient authenticated key agreement protocol using self-certified public keys from pairings

  • S. Zu-hua
  • Computer Science, Mathematics
    Wuhan University Journal of Natural Sciences
  • 2008
An efficient authenticated key agreement protocol is proposed, which makes use of bilinear pairings and selfcertified public keys and can be verified implicitly when the session key being generating in a logically single step.