Paper 2005/201

On Security Proof of McCullagh-Barreto's Key Agreement Protocol and its Variants

Zhaohui Cheng and Liqun Chen

Abstract

McCullagh and Barreto presented an identity-based authenticated key agreement protocol in CT-RSA 2005. Their protocol was found to be vulnerable to a key-compromise impersonation attack. In order to recover the weakness, McCullagh and Barreto, and Xie proposed two variants of the protocol respectively. In each of these works, a security proof of the proposed protocol was presented. In this paper, we revisit these three security proofs and show that all the reductions in these proofs are invalid, because the property of indistinguishability between their simulation and the real world was not held. As a replacement, we slightly modify the McCullagh and Barreto's second protocol and then formally analyse the security of the modified scheme in the Bellare-Rogaway key agreement model.

Note: A complete proof presented.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. To appear in IJSN special issue on cryptography in networks
Keywords
identity-based key agreementpairing
Contact author(s)
m z cheng @ mdx ac uk
History
2006-08-23: last of 2 revisions
2005-06-29: received
See all versions
Short URL
https://ia.cr/2005/201
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/201,
      author = {Zhaohui Cheng and Liqun Chen},
      title = {On Security Proof of McCullagh-Barreto's Key Agreement Protocol and its Variants},
      howpublished = {Cryptology ePrint Archive, Paper 2005/201},
      year = {2005},
      note = {\url{https://eprint.iacr.org/2005/201}},
      url = {https://eprint.iacr.org/2005/201}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.