Cryptology ePrint Archive: Report 2012/618

Towards fully collusion-resistant ID-based establishment of pairwise keys

Oscar Garcia Morchon and Ludo Tolhuizen and Domingo Gomez and Jaime Gutierrez

Abstract: Usually a communication link is secured by means of a symmetric-key algorithm. For that, a method is required to securely establish a symmetric key for that algorithm. This old key establishment problem is still relevant and of paramount importance both in existing computer networks and new large-scale ubiquitous systems comprising resource-constrained devices. Identity-based pairwise key agreement allows for the generation of a common key between two parties given a secret keying material owned by the first party and the identity of the second one. However, existing methods, e.g., based on polynomials, are prone to collusion attacks. In this paper we discuss a new key establishment scheme aiming at fully collusion-resistant identity-based symmetric-key agreement. Our scheme, the HIMMO algorithm, relies on two design concepts: Hiding Information and Mixing Modular Operations. Collusion attacks on schemes from the literature cannot readily be applied to our scheme; our security analysis further shows that HIMMO's design principles prevent an attacker from performing a number of attacks. Also, the simple logic of the HIMMO algorithm allows for very efficient implementations in terms of both speed and memory. Finally, being an identity-based symmetric-key establishment scheme, HIMMO allows for efficient real-world key exchange protocols.

Category / Keywords: key distribution and establishment, polynomials, identity-based cryptography

Date: received 1 Nov 2012, last revised 28 Nov 2012

Contact author: oscar garcia at philips com


Note: Dear Editor,

We have corrected an error in Section 2 (related work, Zhang's scheme, we were using $r$ instead of $2^r$).

Regards, The Authors.

Version: 20121128:171246

