Cryptology ePrint Archive: Report 2015/256

Cryptanalysis of Three Certificate-Based Authenticated Key Agreement Protocols and a Secure Construction

Yang Lu, Quanling Zhang, Jiguo Li

Abstract: Certificate-based cryptography is a new public-key cryptographic paradigm that has very appealing features, namely it simplifies the certificate management problem in traditional public key cryptography while eliminating the key escrow problem in identity-based cryptography. So far, three authenticated key agreement (AKA) protocols in the setting of certificate-based cryptography have been proposed in the literature. Unfortunately, none of them are secure under the public key replacement (PKR) attack. In this paper, we first present a security model for certificate-based AKA protocols that covers the PKR attacks. We then explore the existing three certificate-based AKA protocols and show the concrete attacks against them respectively. To overcome the weaknesses in these protocols, we propose a new certificate-based AKA protocol and prove its security strictly in the random oracle model. Performance comparison shows that the proposed protocol outperforms all the previous certificate-based AKA protocols.

Category / Keywords: authenticated key agreement, certificated-based cryptography, public key repalcement attack, random oracle model, provable security

Date: received 18 Mar 2015, last revised 19 Mar 2015

Contact author: luyangnsd at 163 com

Available format(s): PDF | BibTeX Citation

Version: 20150319:121113 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]