Paper 2007/018

Strongly-Secure Identity-based Key Agreement and Anonymous Extension

Sherman S. M. Chow and Kim-Kwang Raymond Choo


We study the provable security of identity-based (ID-based) key agreement protocols. Although several published protocols have been proven secure in the random oracle model, only a weak adversarial model is considered -- the adversary is not allowed to ask Session-Key Reveal queries that will allow the adversary to learn previously established session keys. Recent research efforts devoted to providing a stronger level of security require strong assumptions, such as assuming that the simulator has access to a non-existential computational or decisional oracle. In this work, we propose an ID-based key agreement protocol and prove its security in the widely accepted indistinguishability-based model of Canetti and Krawczyk. In our proof, the simulator does not require access to any non-existential computational or decisional oracle. We then extend our basic protocol to support ad-hoc anonymous key agreement with bilateral privacy. To the best of our knowledge, this is the first protocol of its kind as previously published protocols are for fixed group and provide only unilateral privacy (i.e., only one of the protocol participants enjoy anonymity).

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. The abridged version of this paper appears in the proceedings of Information Security Conference (ISC 2007), volume 4779 of Lecture Notes in Computer Science, pages 315-332.
Key agreementprovable securityreveal queryidentity-based cryptographyanonymity
Contact author(s)
schow @ cs nyu edu
2008-01-03: revised
2007-01-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sherman S. M.  Chow and Kim-Kwang Raymond Choo},
      title = {Strongly-Secure Identity-based Key Agreement and Anonymous Extension},
      howpublished = {Cryptology ePrint Archive, Paper 2007/018},
      year = {2007},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.