Paper 2015/520

A Constant Time, Single Round Attribute-Based Authenticated Key Exchange in Random Oracle Model

Suvradip Chakraborty, Y. Sreenivasarao, C. Pandu Rangan, and Srinivasan Raghuraman


In this paper, we present a single-round two-party attribute-based authenticated key exchange (ABAKE) protocol in the framework of ciphertext-policy attribute-based systems. Since pairing is a costly operation and composite-order groups must be very large to ensure security, we focus on pairing-free protocols in prime-order groups. The proposed protocol is pairing-free, works in a prime-order group, and has a tight reduction to the Strong Diffie-Hellman (SDH) problem under the attribute-based Canetti-Krawczyk (CK) model, which is a natural extension of the CK model (which is for PKI-based authenticated key exchange) to the attribute-based setting. The security proof is given in the random oracle model. Unlike the previous solutions for ABAKE, our protocol does not depend on any underlying attribute-based encryption or signature scheme. Ours is the first scheme that removes this restriction. Thus, the first major advantage is that smaller key sizes are sufficient to achieve comparable security. Another notable feature of our construction is that it involves only a constant number of exponentiations per party, unlike the state-of-the-art ABAKE protocols, where the number of exponentiations performed by each party depends on the size of the linear secret sharing matrix. We achieve this by appropriately precomputing the secret share generation. Ours is the first construction that achieves this property. Our scheme has several other advantages, the major one being the capability to handle active adversaries. Most of the previous ABAKE protocols offer security only against passive adversaries. Our protocol recognizes corruption by an active adversary and aborts the process. In addition, our scheme satisfies other security properties that are not covered by the CK model, such as forward secrecy and resistance to key compromise impersonation attacks and ephemeral key compromise impersonation attacks.

Publication info
Preprint. MINOR revision.
Authenticated Key Exchange, CK model, ABCK model, Forward secrecy, Key Compromise Impersonation (KCI) attacks
Contact author(s)
suvradip1111 @ gmail com
2016-04-29: last of 5 revisions
2015-05-31: received
Creative Commons Attribution


      author = {Suvradip Chakraborty and Y.  Sreenivasarao and C.  Pandu Rangan and Srinivasan Raghuraman},
      title = {A Constant Time, Single Round Attribute-Based Authenticated Key Exchange in Random Oracle Model},
      howpublished = {Cryptology ePrint Archive, Paper 2015/520},
      year = {2015},
      note = {\url{}},
      url = {}