Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology - CRYPTO '86
An identity-based key-exchange protocol
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
Identity-Based Encryption from the Weil Pairing
SIAM Journal on Computing
The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Key Distribution Systems Based on Identification Information
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Efficient Identification and Signatures for Smart Cards
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
More Flexible Exponentiation with Precomputation
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
On the Existence of 3-Round Zero-Knowledge Protocols
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Multi-signatures in the plain public-Key model and a general forking lemma
Proceedings of the 13th ACM conference on Computer and communications security
Domain-based administration of identity-based cryptosystems for secure email and IPSEC
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Identity-based key agreement protocols from pairings
International Journal of Information Security
Efficient One-Round Key Exchange in the Standard Model
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
The twin Diffie-Hellman problem and applications
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Security of two-party identity-based key agreement
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
HMQV: a high-performance secure Diffie-Hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Practical identity-based encryption without random oracles
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Direct chosen-ciphertext secure identity-based key encapsulation without random oracles
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Making the Diffie-Hellman protocol identity-based
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
This paper presents a new identity-based key agreement protocol. In id-based cryptography (introduced by Adi Shamir in [34]) each party uses its own identity as its public key and receives its secret key from a master Key Generation Center, whose public parameters are publicly known. The novelty of our protocol is that it can be implemented over any cyclic group of prime order in which the Diffie-Hellman problem is assumed to be hard. It does not require the computation of expensive bilinear maps, or additional assumptions such as factoring or RSA. The protocol is extremely efficient, requiring only twice the amount of bandwidth and computation of the unauthenticated basic Diffie-Hellman protocol. The design of our protocol was inspired by MQV (the most efficient authenticated Diffie-Hellman based protocol in the public-key model), and indeed its performance is competitive with that of MQV (especially when one includes the transmission and verification of certificates in the MQV protocol, which are not required in an id-based scheme). Our protocol requires a single round of communication in which each party sends only 2 group elements: a very short message, especially when the protocol is implemented over elliptic curves. We provide a full proof of security in the Canetti-Krawczyk security model for key exchange, including a proof that our protocol satisfies additional security properties such as forward secrecy and resistance to reflection and key-compromise impersonation attacks.