Skip to main content
SpringerLink
Log in

Tripartite Authenticated Key Agreement Protocols from Pairings

  • Conference paper
Cryptography and Coding (Cryptography and Coding 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2898))

Included in the following conference series:

Abstract

Joux’s protocol [29] is a one round, tripartite key agreement protocol that is more bandwidth-efficient than any previous three-party key agreement protocol. But it is insecure, suffering from a simple man-in-the-middle attack. This paper shows how to make Joux’s protocol secure, presenting several tripartite, authenticated key agreement protocols that still require only one round of communication and no signature computations. A pass-optimal authenticated and key confirmed tripartite protocol that generalises the station-to-station protocol is also presented. The security properties of the new protocols are studied using provable security methods and heuristic approaches. Applications for the protocols are also discussed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Al-Riyami, S.S., Paterson, K.G.: Authenticated three party key agreement protocols from pairings. Cryptology ePrint Archive, Report 2002/035 (2002), http://eprint.iacr.org/

  2. American National Standards Institute - ANSI X9.42. Public key cryptography for the financial services industry: Agreement of symmetric keys using discrete logarithm cryptography (2001)

    Google Scholar 

  3. American National Standards Institute - ANSI X9.63. Public key cryptography for the financial services industry: Key agreement and key transport using elliptic curve cryptography (2001)

    Google Scholar 

  4. Ankney, R., Johnson, D., Matyas, M.: The Unified Model - contribution to X9F1 (October 1995)

    Google Scholar 

  5. Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  6. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Google Scholar 

  8. Bellare, M., Rogaway, P.: Provably secure session key distribution: The three party case. In: Proceedings of the Twenty-Seventh Annual ACM Symposium on Theory of Computing STOC, pp. 57–66. ACM, New York (1995)

    Chapter  Google Scholar 

  9. Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)

    Google Scholar 

  10. Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman key agreement protocols. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 339–361. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  11. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM J. Computing 32(3), 586–615 (2003), full version of [11] http://www.crypto.stanford.edu/~dabo/abstracts/ibe.html

    Article  MATH  MathSciNet  Google Scholar 

  13. Boyd, C.: Towards extensional goals in authentication protocols. In: Proceedings of the 1997 DIMACS Workshop on Design and Formal Verification of Security Protocols (1997), http://www.citeseer.nj.nec.com/boyd97towards.html/

  14. Bresson, E., Chevassut, O., Pointcheval, D.: Dynamic group Diffie-Hellman key exchange under standard assumptions. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 321–336. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  15. Burmester, M.: On the risk of opening distributed keys. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 308–317. Springer, Heidelberg (1994)

    Google Scholar 

  16. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  17. Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  18. Cha, J.C., Cheon, J.H.: An identity-based signature from gap Diffie-Hellman groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  19. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)

    Article  MathSciNet  Google Scholar 

  20. Diffie, W., van Oorschot, P.C., Wiener, M.: Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2, 107–125 (1992)

    Article  Google Scholar 

  21. Galbraith, S.D.: Supersingular curves in cryptography. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 495–513. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  22. Galbraith, S.D., Harrison, K., Soldera, D.: Implementing the Tate pairing. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  23. Galbraith, S.D., Hopkins, H.J., Shparlinski, I.E.: Secure Bilinear Diffie-Hellman bits. Cryptology ePrint Archive, Report 2002/155 (2002), http://eprint.iacr.org/

  24. Gentry, C., Silverberg, A.: Heirarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  25. Hess, F.: Efficient identity based signature schemes based on pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  26. Hoffman, P.: Features of proposed successors to IKE. Internet Draft, draft-ietf-ipsec-soi-features-01.txt (2002)

    Google Scholar 

  27. IEEE P1363. Standard specifications for public key cryptography (2000), http://grouper.ieee.org/groups/1363/index.html

  28. ISO/IEC 15946-3. Information technology - security techniques - cryptographic techniques based on elliptic curves - part 3: Key establishment (awaiting publication)

    Google Scholar 

  29. Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  30. Kaliski Jr, B.: An unknown key-share attack on the MQV key agreement protocol. ACM Trans. on Information and Systems Security 4(3), 275–288 (2001)

    Article  Google Scholar 

  31. Kim, M., Kim, K.: A new identification scheme based on the bi-linear Diffie-Hellman problem. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 362–378. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  32. Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.A.: An efficient protocol for authenticated key agreement. Technical Report CORR 98-05, Department of C & O, University of Waterloo, 1998. To appear in Designs, Codes and Cryptography (1998)

    Google Scholar 

  33. Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.A.: An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography 28(2), 119–134 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  34. Lim, C.H., Lee, P.J.: A key recovery attack on discrete log-based schemes using a prime order subgroup. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 249–263. Springer, Heidelberg (1997)

    Google Scholar 

  35. Lowe, G.: Some new attacks upon security protocols. In: PCSFW: Proceedings of The 9th Computer Security Foundations Workshop, pp. 162–169. IEEE Computer Society Press, Los Alamitos (1996)

    Chapter  Google Scholar 

  36. Matsumoto, T., Takashima, Y., Imai, H.: On seeking smart public-key-distribution systems. Trans. IECE of Japan E69, 99–106 (1986)

    Google Scholar 

  37. Menezes, A., Qu, M., Vanstone, S.: Some new key agreement protocols providing mutual implicit authentications. In: 2nd Workshop on Selected Areas in Cryptography (SAC 1995), May 1995, pp. 22–32 (1995)

    Google Scholar 

  38. Menezes, A., van Oorschot, P.C., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  39. Mitchell, C., Ward, M., Wilson, P.: Key control in key agreement protocols. Electronics Letters 34, 980–981 (1998)

    Article  Google Scholar 

  40. Paterson, K.G.: ID-based signatures from pairings on elliptic curves. Electronics Letters 38(18), 1025–1026 (2002)

    Article  Google Scholar 

  41. Roscoe, A.: Intensional specifications of security protocols. In: Proceedings 9th IEEE Computer Security Foundations Workshop, pp. 28–38. IEEE Computer Society Press, Los Alamitos (1996)

    Chapter  Google Scholar 

  42. Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing. In: The 2000 Symposium on Cryptography and Information Security, Okinawa, Japan (January 2000)

    Google Scholar 

  43. Shim, K.: Cryptanalysis of Al-Riyami-Paterson’s authenticated three party key agreement protocols. Cryptology ePrint Archive, Report 2003/122 (2003), http://eprint.iacr.org/

  44. Shoup, V.: On formal models for secure key exchange. IBM Technical Report RZ 3120 (1999), http://shoup.net/papers

  45. Smart, N.P.: An identity based authenticated key agreement protocol based on the Weil pairing. Electronics Letters 38(13), 630–632 (2002)

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX

    Sattam S. Al-Riyami & Kenneth G. Paterson

Authors
  1. Sattam S. Al-Riyami
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kenneth G. Paterson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Security Group, Royal Holloway, University of London, TW20 0EX, Egham, Surrey, U.K.

    Kenneth G. Paterson

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Al-Riyami, S.S., Paterson, K.G. (2003). Tripartite Authenticated Key Agreement Protocols from Pairings. In: Paterson, K.G. (eds) Cryptography and Coding. Cryptography and Coding 2003. Lecture Notes in Computer Science, vol 2898. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-40974-8_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-40974-8_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20663-7

  • Online ISBN: 978-3-540-40974-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation