An ID-based Authenticated Key Exchange Protocol based on Bilinear Diffie-Hellman Problem
In recent years, a great deal of ID-based authenticated key exchange protocols have been proposed. However, many of them have been broken or have no security proof. The main issue is that without static private key it is difficult for simulator to fully support the SessionKeyReveal and EphemeralKeyReveal queries. Some proposals which have purported to be provably secure just hold in relatively weak model, which does not fully support above-mentioned two queries. For protocols to be proven secure in more desirable model, people must make use of the stronger gap  assumption, which means that the computational problem remains hard even in the presence of an effective decision oracle. However, the gap assumption may not be acceptable at all, since the decision oracle, which the proofs rely on, may not exist in real world. Cash, Kiltz and Shoup  recently proposed a new computational problem called twin Diffie-Hellman problem, a nice feature of which not enjoyed by ordinary Diffie-Hellman problem is that the twin Diffie-Hellman problem remains hard, even with access to a decision oracle that recognizes solutions to the problem. At the heart of their method is the "trapdoor test" that allows us to implement an effective decision oracle for the twin Diffie-Hellman problem, without knowing the corresponding discrete logarithm. In this paper,we present a new ID-based authenticated key exchange (ID-AKE) protocol based on the trapdoor test technique. Compared with previous ID-AKE protocols, our proposal is based on the Bilinear Diffie-Hellman (BDH) assumption, which is more standard than Gap Bilinear Diffie-Hellman (GBDH) assumption, on which previous protocols are based. Moreover, our scheme is shown to be secure in the enhanced Canetti-Krawczyk (eCK) model, which is the currently strongest AKE security model.
Strongly Secure Authenticated Key Exchange Protocol Based on Computational Diffie-Hellman Problem
Currently, there are a lot of authenticated key exchange (AKE) protocols in literature. However, the security proofs of this kind of protocols have been established to be a non-trivial task. The main issue is that without static private key it is difficult for simulator to fully support the SessionKeyReveal and EphemeralKeyReveal queries. Some proposals which have been proven secure either just hold in relatively weak models which do not fully support above-mentioned two queries or make use of the stronger gap assumption. In this paper, using a new technique named twin Diffie-Hellman problem proposed by Cash, Kiltz and Shoup, we present a new AKE protocol based on the computational Diffie-Hellman (CDH) assumption, which is more standard than gap Diffie-Hellman (GDH) assumption. Moreover, our scheme is shown to be secure in strong security definition, the enhanced Canetti-Krawczyk (eCK) model introduced by LaMacchia, Lauter and Mityagin, which better supports the adversaries' queries than previous models.
- Zhenfu Cao (2)