Robust generalized MQV key agreement protocol without using one-way hash functions

Research output: Contribution to journalArticle

19 Citations (Scopus)

Abstract

IEEE P1363 Committee has adopted the MQV key agreement protocol to become a standard. The MQV protocol was proposed by Menezes et al., which uses a digital signature to sign the Diffie-Hellman public keys without using one-way hash functions. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two communication parties to establish multiple common secret keys in a single round of message exchange. However, there is a weakness in the Harn-Lin protocol. If all common secret keys established between two parties are adopted, the protocol will suffer from the known-key attack. Therefore, a new protocol without using one-way hash functions is proposed to overcome this weakness.

Original languageEnglish
Pages (from-to)241-246
Number of pages6
JournalComputer Standards and Interfaces
Volume24
Issue number3
DOIs
Publication statusPublished - 2002 Jul 1

Fingerprint

Hash functions
Electronic document identification systems
communication
Communication

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Law

Cite this

@article{9499bf28adb948d880be45b778c3a264,
title = "Robust generalized MQV key agreement protocol without using one-way hash functions",
abstract = "IEEE P1363 Committee has adopted the MQV key agreement protocol to become a standard. The MQV protocol was proposed by Menezes et al., which uses a digital signature to sign the Diffie-Hellman public keys without using one-way hash functions. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two communication parties to establish multiple common secret keys in a single round of message exchange. However, there is a weakness in the Harn-Lin protocol. If all common secret keys established between two parties are adopted, the protocol will suffer from the known-key attack. Therefore, a new protocol without using one-way hash functions is proposed to overcome this weakness.",
author = "Yuh-Min Tseng",
year = "2002",
month = "7",
day = "1",
doi = "10.1016/S0920-5489(02)00004-1",
language = "English",
volume = "24",
pages = "241--246",
journal = "Computer Standards and Interfaces",
issn = "0920-5489",
publisher = "Elsevier",
number = "3",

}

Robust generalized MQV key agreement protocol without using one-way hash functions. / Tseng, Yuh-Min.

In: Computer Standards and Interfaces, Vol. 24, No. 3, 01.07.2002, p. 241-246.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Robust generalized MQV key agreement protocol without using one-way hash functions

AU - Tseng, Yuh-Min

PY - 2002/7/1

Y1 - 2002/7/1

N2 - IEEE P1363 Committee has adopted the MQV key agreement protocol to become a standard. The MQV protocol was proposed by Menezes et al., which uses a digital signature to sign the Diffie-Hellman public keys without using one-way hash functions. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two communication parties to establish multiple common secret keys in a single round of message exchange. However, there is a weakness in the Harn-Lin protocol. If all common secret keys established between two parties are adopted, the protocol will suffer from the known-key attack. Therefore, a new protocol without using one-way hash functions is proposed to overcome this weakness.

AB - IEEE P1363 Committee has adopted the MQV key agreement protocol to become a standard. The MQV protocol was proposed by Menezes et al., which uses a digital signature to sign the Diffie-Hellman public keys without using one-way hash functions. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two communication parties to establish multiple common secret keys in a single round of message exchange. However, there is a weakness in the Harn-Lin protocol. If all common secret keys established between two parties are adopted, the protocol will suffer from the known-key attack. Therefore, a new protocol without using one-way hash functions is proposed to overcome this weakness.

UR - http://www.scopus.com/inward/record.url?scp=0036643547&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0036643547&partnerID=8YFLogxK

U2 - 10.1016/S0920-5489(02)00004-1

DO - 10.1016/S0920-5489(02)00004-1

M3 - Article

AN - SCOPUS:0036643547

VL - 24

SP - 241

EP - 246

JO - Computer Standards and Interfaces

JF - Computer Standards and Interfaces

SN - 0920-5489

IS - 3

ER -