Cryptology ePrint Archive: Report 2011/195
An ID-based three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments
Debiao He, Yitao Chen
Abstract: For secure communications in public network environments, various three-party authenticated key exchange (3PAKE) protocols are proposed to provide the transaction confidentiality and efficiency. In 2009, Yang et al. proposed an efficient three-party authenticated key exchange protocol based upon elliptic curve cryptography(ECC) for mobile-commerce environments. Because the elliptic curve cryptography is used, their 3PAKE protocol has low computation costs and light communication loads. However, Tan demonstrated that Yang et al.ís protocol suffers from the impersonation attack and the parallel attack. Tan also proposed an enhanced protocol to improve the security and the performance. However, Yang et al.ís protocol and Tanís protocol bases on the public key infrastructure(PKI). Then the server has to maintain the certificates for usersí public keys. When the number of users is increased, the server needs a large storage space to store usersí public keys and certificates. In addition, the server needs additional computations to verify the otherís certificate in their protocols. This causes the computation loads and the energy costs of mobile devices very high. In this paper, we propose an ID-based 3PAKE using ECC. Compared with the related protocol, our protocol does not need additional computations to verify certificate and has the better performance. Then our protocol is more suitable and practical for mobile-commerce environments.
Category / Keywords: ID-based; Three-party key exchange; Elliptic curve Cryptosystem
Publication Info: The paper has not been published.
Date: received 17 Apr 2011, last revised 1 May 2011, withdrawn 20 Jul 2011
Contact author: hedebiao at 163 com
Available formats: (-- withdrawn --)
Version: 20110720:120239 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]