Cryptology ePrint Archive: Report 2002/035

Tripartite Authenticated Key Agreement Protocols from Pairings

Sattam S. Al-Riyami and Kenneth G. Paterson

Abstract: Joux's protocol is a one round, tripartite key agreement protocol that is more bandwidth-efficient than any previous three-party key agreement protocol. But it is insecure, suffering from a simple man-in-the-middle attack. This paper shows how to make Joux's protocol secure, presenting several tripartite, authenticated key agreement protocols that still require only one round of communication. A pass-optimal authenticated and key confirmed tripartite protocol that generalises the station-to-station protocol is also presented. The security properties of the new protocols are studied using provable security methods and heuristic approaches. Applications for the protocols are also discussed.

Category / Keywords: Secure protocols; key agreement; authentication; pairings

Date: received 20 Mar 2002, last revised 16 Apr 2003

Contact author: kenny paterson at rhul ac uk

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: Revision to earlier version of paper to include more detailed security analysis and analysis of confirmed protocols.

Version: 20030416:174700 (All versions of this report)

Short URL: ia.cr/2002/035

Discussion forum: Show discussion | Start new discussion