An efficient eCK secure identity based Two Party Authenticated Key Agreement scheme with security against active adversaries

摘要

A Two-Party Authenticated Key Agreement (2-PAKA) protocol facilitates two communicating entities to equally contribute to the establishment of a shared session key. IDentity-based 2-PAKA (ID-2-PAKA) protocols are widely researched, since it eliminates the need for explicit public-key verification using digital certificates. Over the years, ID-2-PAKA protocols with perfect forward secrecy and Key Generation Center forward secrecy were devised, to circumvent the inherent key escrows in identity based cryptosystems. Nevertheless, cryptanalysis of the recent ID-2-PAKA schemes reveals that many of the protocols are insecure. We reconstruct the possible attacks against the schemes and propose a secure escrowless pairing-free ID-2-PAKA protocol. The proposed scheme is proven secure in the modified extended Canetti-Krawczyk model, which captures all the desirable security attributes of ID-2-PAKA protocols, including, public key replacement attack resilience. Comparative analysis of the protocol with other pairing-free ID-2-PAKA schemes suggests that the proposed scheme offers a fine trade-off between efficiency and security.