On the Relations Between Diffie-Hellman and ID-Based Key Agreement from Pairings

This paper studies the relationships between the traditional Diffie-Hellman key agreement protocol and the identity-based (ID-based) key agreement protocol from pairings. For the Sakai-Ohgishi-Kasahara (SOK) ID-based key construction, we show that identical to the Diffie-Hellman protocol, the SOK key agreement protocol also has three variants, namely \emph{ephemeral}, \emph{semi-static} and \emph{static} versions. Upon this, we build solid relations between authenticated Diffie-Hellman (Auth-DH) protocols and ID-based authenticated key agreement (IB-AK) protocols, whereby we present two \emph{substitution rules} for this two types of protocols. The rules enable a conversion between the two types of protocols. In particular, we obtain the \emph{real} ID-based version of the well-known MQV (and HMQV) protocol. Similarly, for the Sakai-Kasahara (SK) key construction, we show that the key transport protocol underlining the SK ID-based encryption scheme (which we call the "SK protocol") has its non-ID counterpart, namely the Hughes protocol. Based on this observation, we establish relations between corresponding ID-based and non-ID-based protocols. In particular, we propose a highly enhanced version of the McCullagh-Barreto protocol

Two-Party Threshold Key Agreement Protocol for MANETs using Pairings

In MANET environment, the nodes are mobile i.e., nodes move in and out dynamically. This causes difficulty in maintaining a central trusted authority say Certification Authority CA or Key Generation Centre KCG. In addition most of cryptographic techniques need a key to be shared between the two communicating entities. So to introduce security in MANET environment, there is a basic need of sharing a key between the two communicating entities without the use of central trusted authority. So we present a decentralized two-party key agreement protocol using pairings and threshold cryptography ideas. Our model is based on Joux2019;s three-party key agreement protocol which does not authenticate the users and hence is vulnerable to man-in-the-middle attack. This model protects from man-in-the-middle attack using threshold cryptography

A-MAKE: an efficient, anonymous and accountable authentication framework for WMNs

In this paper, we propose a framework, named as A-MAKE, which efficiently provides security, privacy, and accountability for communications in wireless mesh networks. More specifically, the framework provides an anonymous mutual authentication protocol whereby legitimate users can connect to network from anywhere without being identified or tracked. No single party (e.g., network operator) can violate the privacy of a user, which is provided in our framework in the strongest sense. Our framework utilizes group signatures, where the private key and the credentials of the users are generated through a secure three-party protocol. User accountability is implemented via user revocation protocol that can be executed by two semitrusted authorities, one of which is the network operator. The assumptions about the trust level of the network operator are relaxed. Our framework makes use of much more efficient signature generation and verification algorithms in terms of computation complexity than their counterparts in literature, where signature size is comparable to the shortest signatures proposed for similar purposes so far

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

An efficient certificateless authenticated key agreement protocol without bilinear pairings

Certificateless public key cryptography simplifies the complex certificate management in the traditional public key cryptography and resolves the key escrow problem in identity-based cryptography. Many certificateless authenticated key agreement protocols using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over elliptic curve group. Recently, several certificateless authenticated key agreement protocols without pairings were proposed to improve the performance. In this paper, we propose a new certificateless authenticated key agreement protocol without pairing. The user in our just needs to compute five scale multiplication to finish the key agreement. We also show the proposed protocol is secure in the random oracle model