A modified eCK model with stronger security for tripartite authenticated key exchange

Since Bellare and Rogaway presented the first formal security model for authenticated key exchange (AKE) protocols in 1993, many formal security models have been proposed. The extended Canetti-Krawczyk (eCK) model proposed by LaMacchia et al. is currently regarded as the strongest security model for two-party AKE protocols. In this paper, we first generalize the eCK model for tripartite AKE protocols, called teCK model, and enhance the security of the new model by adding a new reveal query. In the teCK model, the adversary has stronger powers, and can learn more secret information. Then we present a new tripartite AKE protocol based on the NAXOS protocol, called T-NAXOS protocol, and analyze its security in the teCK model under the random oracle assumption

An Enhanced One-round Pairing-based Tripartite Authenticated Key Agreement Protocol

A tripartite authenticated key agreement protocol is generally designed to accommodate the need of three specific entities in communicating over an open network with a shared secret key, which is used to preserve data confidentiality and integrity. Since Joux proposed the first pairing-based one-round tripartite key agreement protocol in 2000, numerous authenticated protocols have been proposed after then. However, most of them have turned out to be flawed due to their inability in achieving some desirable security attributes. In 2005, Lin-Li had identified the weaknesses of Shim\u27s protocol and subsequently proposed their improved scheme by introducing an extra verification process. In this paper, we prove that Lin-Li\u27s improved scheme remains insecure due to its susceptibility to the insider impersonation attack. Based on this, we propose an enhanced scheme which will not only conquer their defects, but also preserves the desired security attributes of a key agreement protocol