Cryptology ePrint Archive: Report 2015/520

A Constant Time, Single Round Attribute-Based Authenticated Key Exchange in Random Oracle Model

Suvradip Chakraborty and Y. Sreenivasarao and C. Pandu Rangan and Srinivasan Raghuraman

Abstract: In this paper, we present a single-round two-party attribute-based authenticated key exchange (ABAKE) protocol in the framework of ciphertext-policy attribute-based systems. Since pairing is a costly operation and composite-order groups must be very large to ensure security, we focus on pairing-free protocols in prime-order groups. The proposed protocol is pairing-free, works in a prime-order group, and has a tight reduction to the Strong Diffie-Hellman (SDH) problem under the attribute-based Canetti-Krawczyk (CK) model, which is a natural extension of the CK model (defined for PKI-based authenticated key exchange) to the attribute-based setting. The security proof is given in the random oracle model. Unlike previous solutions for ABAKE, our protocol does not depend on any underlying attribute-based encryption or signature scheme. Ours is the first scheme that removes this restriction. Thus, the first major advantage is that smaller key sizes are sufficient to achieve comparable security. Another notable feature of our construction is that it involves only a constant number of exponentiations per party, unlike the state-of-the-art ABAKE protocols, where the number of exponentiations performed by each party depends on the size of the linear secret sharing matrix. We achieve this by appropriate precomputation of the secret share generation. Ours is the first construction that achieves this property. Our scheme has several other advantages, the major one being the capability to handle active adversaries. Most of the previous ABAKE protocols offer security only against passive adversaries. Our protocol recognizes corruption by an active adversary and aborts the process. In addition to this property, our scheme satisfies other security properties that are not covered by the CK model, such as forward secrecy and resistance to key compromise impersonation attacks and ephemeral key compromise impersonation attacks.

Category / Keywords: Authenticated Key Exchange, Attribute-based Authenticated Key Exchange (ABAKE), CK model, ABCK model, Forward secrecy, Key Compromise Impersonation (KCI) attacks

Date: received 30 May 2015, last revised 29 Apr 2016

Contact author: suvradip1111 at gmail com

Version: 20160429:154418

Short URL: ia.cr/2015/520