Paper 2006/160

A Built-in Decisional Function and Security Proof of ID-based Key Agreement Protocols from Pairings

L. Chen, Z. Cheng, and N. P. Smart

Abstract

In recent years, a large number of identity-based key agreement protocols from pairings have been proposed. Some of them are elegant and practical. However, the security of this type of protocols has been surprisingly hard to prove. The main issue is that a simulator is not able to deal with reveal queries, because it requires solving either a computational problem or a decisional problem, both of which are generally believed to be hard (i.e., computationally infeasible). The best solution of security proof published so far uses the gap assumption, which means assuming that the existence of a decisional oracle does not change the hardness of the corresponding computational problem. The disadvantage of using this solution to prove the security for this type of protocols is that such decisional oracles, on which the security proof relies, cannot be performed by any polynomial time algorithm in the real world, because of the hardness of the decisional problem. In this paper we present a method incorporating a built-in decisional function in this type of protocols. The function transfers a hard decisional problem in the proof to an easy decisional problem. We then discuss the resulting efficiency of the schemes and the relevant security reductions in the context of different pairings one can use.

Note: Some bugs have been found in some of the analysis which need correcting. They are easily fixed in one of two ways, but at the moment we are deciding which way to fix them. Will repost once we have rewritten.

Metadata
Available format(s)
-- withdrawn --
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
ID Based Key Agreement Protocols
Contact author(s)
nigel @ cs bris ac uk
History
2006-05-04: withdrawn
2006-05-03: received
See all versions
Short URL
https://ia.cr/2006/160
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.