An Identity-Based Authenticated Key Exchange Protocol Resilient to Continuous Key Leakage

Research output: Contribution to journal › Article

Abstract

Identity-based authenticated key exchange (ID-AKE) is an important cryptographic primitive used to establish a session key between two communicating parties while they authenticate each other. However, most existing ID-AKE protocols do not consider side-channel attacks, in which adversaries obtain partial information about users' ephemeral/permanent secret keys. Recently, several leakage-resilient ID-AKE (LR-ID-AKE) protocols have been proposed to address such attacks. Yet these LR-ID-AKE protocols carry the restriction that the total leakage during the lifetime of the protocol must be bounded to some ratio of the ephemeral/permanent secret keys. In this paper, the authors define a new adversary model, termed the identity-based continuous-leakage extended Canetti-Krawczyk (ID-CL-eCK) model. Using a key refreshing procedure (i.e., the multiplicative blinding technique) for permanent secret keys, the first LR-ID-AKE protocol resilient to continuous key leakage is proposed; it possesses an overall unbounded leakage property. Comparisons are given to demonstrate that the proposed protocol is better than previously proposed ID-AKE protocols in terms of security models and leakage properties. Under the generic bilinear group model, security analysis shows that the proposed LR-ID-AKE protocol is secure against adversaries in the new ID-CL-eCK model.

Original language: English
Article number: 8643744
Pages (from-to): 3968-3979
Number of pages: 12
Journal: IEEE Systems Journal
Volume: 13
Issue number: 4
DOIs: 10.1109/JSYST.2019.2896132
Publication status: Published - 2019 Dec

Fingerprint

Communication
Side channel attack

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Information Systems
  • Computer Science Applications
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

@article{1b6a859af9024aa1953e0a190a449fa2,
title = "An Identity-Based Authenticated Key Exchange Protocol Resilient to Continuous Key Leakage",
abstract = "Identity-based authenticated key exchange (ID-AKE) protocol is an important cryptographic primitive, which is used to establish a session key between two communication participants while authenticating each other. Indeed, most of the existing ID-AKE protocols do not concern with side-channel attacks in the sense that adversaries could obtain partial information of ephemeral/permanent secret keys of users. Recently, several leakage-resilient ID-AKE (LR-ID-AKE) protocols have been proposed to address such attacks. However, these LR-ID-AKE protocols have a restriction that the total leakage information during the life time of the LR-ID-AKE protocol must be bounded to some ratio of ephemeral/permanent secret keys. In this paper, the authors define a new adversary model, termed as identity-based continuous-leakage extended Canetti-Krawczyk (ID-CL-eCK) model. Using the key refreshing procedure (i.e., the multiplicative blinding technique) of permanent secret keys, the first LR-ID-AKE protocol resilient to continuous key leakage is proposed, and it possesses overall unbounded leakage property. Comparisons are given to demonstrate that the proposed protocol is better than the previously proposed ID-AKE protocols in terms of security models and leakage properties. Under the generic bilinear group model, security analysis is made to show that the proposed LR-ID-AKE protocol is secure against adversaries in the new ID-CL-eCK model.",
author = "Wu, {Jui Di} and Tseng, {Yuh Min} and Huang, {Sen Shan}",
year = "2019",
month = "12",
doi = "10.1109/JSYST.2019.2896132",
language = "English",
volume = "13",
pages = "3968--3979",
journal = "IEEE Systems Journal",
issn = "1932-8184",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "4",
}

An Identity-Based Authenticated Key Exchange Protocol Resilient to Continuous Key Leakage. / Wu, Jui Di; Tseng, Yuh Min; Huang, Sen Shan.

In: IEEE Systems Journal, Vol. 13, No. 4, 8643744, 12.2019, p. 3968-3979.

Research output: Contribution to journal › Article

TY - JOUR

T1 - An Identity-Based Authenticated Key Exchange Protocol Resilient to Continuous Key Leakage

AU - Wu, Jui Di

AU - Tseng, Yuh Min

AU - Huang, Sen Shan

PY - 2019/12

Y1 - 2019/12

N2 - Identity-based authenticated key exchange (ID-AKE) protocol is an important cryptographic primitive, which is used to establish a session key between two communication participants while authenticating each other. Indeed, most of the existing ID-AKE protocols do not concern with side-channel attacks in the sense that adversaries could obtain partial information of ephemeral/permanent secret keys of users. Recently, several leakage-resilient ID-AKE (LR-ID-AKE) protocols have been proposed to address such attacks. However, these LR-ID-AKE protocols have a restriction that the total leakage information during the life time of the LR-ID-AKE protocol must be bounded to some ratio of ephemeral/permanent secret keys. In this paper, the authors define a new adversary model, termed as identity-based continuous-leakage extended Canetti-Krawczyk (ID-CL-eCK) model. Using the key refreshing procedure (i.e., the multiplicative blinding technique) of permanent secret keys, the first LR-ID-AKE protocol resilient to continuous key leakage is proposed, and it possesses overall unbounded leakage property. Comparisons are given to demonstrate that the proposed protocol is better than the previously proposed ID-AKE protocols in terms of security models and leakage properties. Under the generic bilinear group model, security analysis is made to show that the proposed LR-ID-AKE protocol is secure against adversaries in the new ID-CL-eCK model.

AB - Identity-based authenticated key exchange (ID-AKE) protocol is an important cryptographic primitive, which is used to establish a session key between two communication participants while authenticating each other. Indeed, most of the existing ID-AKE protocols do not concern with side-channel attacks in the sense that adversaries could obtain partial information of ephemeral/permanent secret keys of users. Recently, several leakage-resilient ID-AKE (LR-ID-AKE) protocols have been proposed to address such attacks. However, these LR-ID-AKE protocols have a restriction that the total leakage information during the life time of the LR-ID-AKE protocol must be bounded to some ratio of ephemeral/permanent secret keys. In this paper, the authors define a new adversary model, termed as identity-based continuous-leakage extended Canetti-Krawczyk (ID-CL-eCK) model. Using the key refreshing procedure (i.e., the multiplicative blinding technique) of permanent secret keys, the first LR-ID-AKE protocol resilient to continuous key leakage is proposed, and it possesses overall unbounded leakage property. Comparisons are given to demonstrate that the proposed protocol is better than the previously proposed ID-AKE protocols in terms of security models and leakage properties. Under the generic bilinear group model, security analysis is made to show that the proposed LR-ID-AKE protocol is secure against adversaries in the new ID-CL-eCK model.

UR - http://www.scopus.com/inward/record.url?scp=85074811358&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85074811358&partnerID=8YFLogxK

U2 - 10.1109/JSYST.2019.2896132

DO - 10.1109/JSYST.2019.2896132

M3 - Article

AN - SCOPUS:85074811358

VL - 13

SP - 3968

EP - 3979

JO - IEEE Systems Journal

JF - IEEE Systems Journal

SN - 1932-8184

IS - 4

M1 - 8643744

ER -