Abstract
We survey the set of all prior two-party certificateless key agreement protocols available in the literature at the time of this work. We find that all of the protocols exhibit vulnerabilities of varying severity, ranging from lack of resistance to leakage of ephemeral keys up to (in one case) a man-in-the-middle attack. Many of the protocols admit key-compromise impersonation attacks despite claiming security against such attacks. In order to describe our results rigorously, we introduce the first known formal security model for two-party authenticated certificateless key agreement protocols. Our model is based on the extended Canetti-Krawczyk model for traditional authenticated key exchange, except that we expand the range of allowable attacks to account for the increased flexibility of the attacker in the certificateless setting.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
Al-Riyami, S.S., Paterson, K.G.: CBE from CLE-PKE: A generic construction and efficient schemes. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 398–415. Springer, Heidelberg (2005)
Boyen, X.: The uber-assumption family – a unified complexity framework for bilinear groups. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 39–56. Springer, Heidelberg (2008)
Dent, A.W.: A survey of certificateless encryption schemes and security models. Int. J. Inf. Secur. 7(5), 349–377 (2008)
Girault, M.: Self-certified public keys. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 490–497. Springer, Heidelberg (1991)
Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)
LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)
Lim, C.H., Lee, P.J.: A key recovery attack on discrete log-based schemes using a prime order subgroup. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 249–263. Springer, Heidelberg (1997)
Lippold, G., Boyd, C., Nieto, J.G.: Strongly secure certificateless key agreement. In: Shacham, H. (ed.) Pairing 2009. LNCS, vol. 5671, pp. 206–230. Springer, Heidelberg (2009)
Mandt, T.K.: Certificateless authenticated two-party key agreement protocols. Master’s thesis, Gjøvik University College, Department of Computer Science and Media Technology (2006)
Mandt, T.K., Tan, C.H.: Certificateless authenticated two-party key agreement protocols. In: Okada, M., Satoh, I. (eds.) ASIAN 2006. LNCS, vol. 4435, pp. 37–44. Springer, Heidelberg (2008)
Menezes, A., Ustaoglu, B.: Security arguments for the UM key agreement protocol in the NIST SP 800-56A standard. In: ASIACCS 2008: Proceedings of the 2008 ACM symposium on Information, computer and communications security, pp. 261–270. ACM, New York (2008)
Meng, G., Futai, Z.: Key-compromise impersonation attacks on some certificateless key agreement protocols and two improved protocols. In: International Workshop on Education Technology and Computer Science, vol. 2, pp. 62–66 (2009)
Shao, Z.-h.: Efficient authenticated key agreement protocol using self-certified public keys from pairings. Wuhan University Journal of Natural Sciences 10(1), 267–270 (2005)
Shi, Y., Li, J.: Two-party authenticated key agreement in certificateless public key cryptography. Wuhan University Journal of Natural Sciences 12(1), 71–74 (2007)
Swanson, C.M.: Security in key agreement: Two-party certificateless schemes. Master’s thesis, University of Waterloo, Department of Combinatorics and Optimization (2008)
Wang, S., Cao, Z.: Escrow-free certificate-based authenticated key agreement protocol from pairings. Wuhan University Journal of Natural Sciences 12(1), 63–66 (2007)
Wang, S., Cao, Z., Wang, L.: Efficient certificateless authenticated key agreement protocol from pairings. Wuhan University Journal of Natural Sciences 11(5), 1278–1282 (2006)
Xia, L., Wang, S., Shen, J., Xu, G.: Breaking and repairing the certificateless key agreement protocol from ASIAN 2006. In: Okada, M., Satoh, I. (eds.) ASIAN 2006. LNCS, vol. 4435, pp. 562–566. Springer, Heidelberg (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Swanson, C., Jao, D. (2009). A Study of Two-Party Certificateless Authenticated Key-Agreement Protocols. In: Roy, B., Sendrier, N. (eds) Progress in Cryptology - INDOCRYPT 2009. INDOCRYPT 2009. Lecture Notes in Computer Science, vol 5922. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10628-6_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-10628-6_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10627-9
Online ISBN: 978-3-642-10628-6
eBook Packages: Computer ScienceComputer Science (R0)