Paper 2002/184

Identity Based Authenticated Key Agreement Protocols from Pairings

Liqun Chen and Caroline Kudla


We investigate a number of issues related to identity based authenticated key agreement protocols using the Weil or Tate pairings. These issues include how to make protocols efficient; how to avoid key escrow by a Trust Authority (TA) who issues identity based private keys for users, and how to allow users to use different Trusted Authorities. We describe a few authenticated key agreement (AK) protocols and AK with key confirmation (AKC) protocols which are modified from Smart's AK protocol. We study the security of these protocols heuristically and using provable security methods. In addition, we prove that our AK protocol is immune to key compromise impersonation attacks, and we also show that our second protocol has the TA forward secrecy property (which we define to mean that the compromise of the TA's private key will not compromise previously established session keys). We also show that this TA forward secrecy property implies that the protocol has the perfect forward secrecy property.

Note: This version corrects errors in the security proofs of earlier versions of the paper.

Available format(s)
Publication info
Published elsewhere. Earlier version published in Proceedings of the 16th IEEE Computer Security Foundations Workshop, pages 219-233, IEEE Computer Society Press, June 2003.
Identity-based cryptographyauthenticated key agreement protocolsprovable security.
Contact author(s)
liqun chen @ hp com
2004-05-27: revised
2002-12-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Liqun Chen and Caroline Kudla},
      title = {Identity Based Authenticated Key Agreement Protocols from Pairings},
      howpublished = {Cryptology ePrint Archive, Paper 2002/184},
      year = {2002},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.