Practical and Exposure-resilient Hierarchical ID-based Authenticated Key Exchange without Random Oracles
Kazuki Yoneyama
2013
Abstract
ID-based authenticated key exchange (ID-AKE) is a cryptographic tool to establish a common session key between parties with authentication based on their IDs. If IDs contain some hierarchical structure such as an email address, hierarchical ID-AKE (HID-AKE) is especially suitable because of scalability. However, most of existing HID-AKE schemes do not satisfy advanced security properties such as forward secrecy, and the only known strongly secure HID-AKE scheme is inefficient. In this paper, we propose a new HID-AKE scheme which achieves both strong security and efficiency. We prove that our scheme is eCK-secure (which ensures maximal-exposure-resilience including forward secrecy) without random oracles, while existing schemes is proved in the random oracle model. Moreover, the number of messages and pairing operations are independent of the hierarchy depth; that is, really scalable and practical for a large-system.
References
- Blundo, C., Santis, A. D., Herzberg, A., Kutten, S., Vaccaro, U., and Yung, M. (1998). Perfectly Secure Key Distribution for Dynamic Conferences. In Inf. Comput. 146(1), pages 1-23.
- Boneh, D. and Boyen, X. (2004). Efficient Selective-ID Secure Identity-Based Encryption Without Random Oracles. In EUROCRYPT 2004, pages 223-238.
- Boneh, D., Boyen, X., and Goh, E.-J. (2005). Hierarchical Identity Based Encryption with Constant Size Ciphertext. In EUROCRYPT 2005, pages 440-456.
- Boneh, D. and Franklin, M. K. (2001). Identity-Based Encryption from the 2001, pages 213-229.
- Canetti, R., Goldreich, O., and Halevi, S. (1998). The Random Oracle Methodology, Revisited (Preliminary Version). In STOC 1998, pages 209-218.
- Canetti, R., Goldreich, O., and Halevi, S. (2004). The Random Oracle Methodology, Revisited. In J. ACM 51(4), pages 557-594.
- Chen, L., Cheng, Z., and Smart, N. P. (2007). Identity-based Key Agreement Protocols From Pairings. In Int. J. Inf. Sec. 6(4), pages 213-241.
- Eschenauer, L. and Gligor, V. D. (2002). A keymanagement scheme for distributed sensor networks. In ACM Conference on Computer and Communications Security 2002, pages 41-47.
- Fiore, D. and Gennaro, R. (2010). Making the DiffieHellman Protocol Identity-Based. In CT-RSA 2010, pages 165-178.
- Fujioka, A., Suzuki, K., Xagawa, K., and Yoneyama, K. (2012). Strongly Secure Authenticated Key Exchange from Factoring, Codes, and Lattices. In Public Key Cryptography 2012, pages 467-484.
- Fujioka, A., Suzuki, K., and Yoneyama, K. (2010). Hierarchical ID-Based Authenticated Key Exchange Resilient to Ephemeral Key Leakage. In IWSEC 2010, pages 164-180.
- Gennaro, R., Halevi, S., Krawczyk, H., Rabin, T., Reidt, S., and Wolthusen, S. D. (2008). Strongly-Resilient and Non-interactive Hierarchical Key-Agreement in MANETs. In ESORICS 2008, pages 49-65.
- Gentry, C. and Halevi, S. (2009). Hierarchical Identity Based Encryption with Polynomially Many Levels. In TCC 2009, pages 437-456.
- Gentry, C. and Silverberg, A. (2002). Hierarchical IDBased Cryptography. In ASIACRYPT 2002, pages 548-566.
- Horwitz, J. and Lynn, B. (2002). Toward Hierarchical Identity-Based Encryption. In EUROCRYPT 2002, pages 466-481.
- Huang, H. and Cao, Z. (2009). An ID-based Authenticated Key Exchange Protocol Based on Bilinear DiffieHellman Problem. In ASIACCS 2009, pages 333-342.
- LaMacchia, B., Lauter, K., and Mityagin, A. (2007). Stronger Security of Authenticated Key Exchange. In ProvSec 2007, pages 1-16.
- Mohassel, P. (2010). One-Time Signatures and Chameleon Hash Functions. In Selected Areas in Cryptography 2010, pages 302-319.
- Park, J. H. and Lee, D. H. (2007). Direct Chosen-Ciphertext Secure Hierarchical ID-Based Encryption Schemes. In EuroPKI 2007, pages 94-109.
- Ramkumar, M., Memon, N. D., and Simha, R. (2005). A hierarchical key pre-distribution scheme. In IEEE EIT 2005.
- Waters, B. (2005). Efficient Identity-Based Encryption Without Random Oracles. In EUROCRYPT 2005, pages 114-127.
Paper Citation
in Harvard Style
Yoneyama K. (2013). Practical and Exposure-resilient Hierarchical ID-based Authenticated Key Exchange without Random Oracles . In Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013) ISBN 978-989-8565-73-0, pages 518-523. DOI: 10.5220/0004525705180523
in Bibtex Style
@conference{secrypt13,
author={Kazuki Yoneyama},
title={Practical and Exposure-resilient Hierarchical ID-based Authenticated Key Exchange without Random Oracles},
booktitle={Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)},
year={2013},
pages={518-523},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004525705180523},
isbn={978-989-8565-73-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)
TI - Practical and Exposure-resilient Hierarchical ID-based Authenticated Key Exchange without Random Oracles
SN - 978-989-8565-73-0
AU - Yoneyama K.
PY - 2013
SP - 518
EP - 523
DO - 10.5220/0004525705180523