Analysis and improvement of a strongly secure certificateless key exchange protocol without pairing

Author

Zhang, Min ; Zhang, Jie ; Wen, Qiao-Yan ; Jin, Zheng-Ping ; Zhang, Hua

Author_Institution

Sch. of Sci., Beijing Univ. of Posts & Telecommun., Beijing, China

fYear

2012

fDate

19-20 May 2012

Firstpage

1512

Lastpage

1516

Abstract

Recently, Yang and Tan proposed a certificateless key exchange protocol without pairing, and claimed their scheme satisfies forward secrecy, which means no adversary could derive an already-established session key unless the full user secret keys (including a private key and an ephemeral secret key) of both communication parties are compromised. However, in this paper, we point out their protocol is actually not secure as claimed by presenting an attack launched by an adversary who has learned the private key of one party and the ephemeral secret key of the other, but not the full user secret keys of both parties. Furthermore, to make up this flaw, we also provide an improved protocol in which the private key and the ephemeral secret key are closely intertwined with each other for generating the session key, thus above attack can be efficiently resisted.

Keywords

cryptographic protocols; private key cryptography; already-established session key; communication parties; ephemeral secret key; forward secrecy; full user secret keys; private key; strongly secure certificateless key exchange protocol; Educational institutions; Encryption; Games; Protocols; Public key cryptography; certificateless key exchange protocol; forward secrecy;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems and Informatics (ICSAI), 2012 International Conference on

Conference_Location

Yantai

Print_ISBN

978-1-4673-0198-5

Type

conf

DOI

10.1109/ICSAI.2012.6223324

Filename

6223324