
Research On Provably Secure Authenticated Key Agreement Protocol

Posted on: 2014-06-06
Degree: Doctor
Type: Dissertation
Country: China
Candidate: X W Li
GTID: 1268330431462452
Subject: Information security
Abstract/Summary:
The Authenticated Key Agreement (AKA) protocol is one of the important areas of cryptography. It allows two or more users to perform identity/message authentication and agree on a shared key over an insecure channel. Using the shared key, users can establish a secure channel for communication. Academic researchers and industry pay much attention to the AKA protocol since it has a very wide range of applications in various networks.

Provable security is a method of axiomatic theory. It reduces the security of cryptographic protocols to some complicated mathematical problems or some cryptographic theories. If the mathematical problems are known to be hard to solve, or the cryptographic theories are correct, then the cryptographic protocols built on these problems or theories are secure. Currently, using the theory of provable security to analyze the security of AKA protocols is an effective method that has become internationally recognized.

The main line of this paper is the use of the theory of provable security to analyze and design AKA protocols and their models. The theoretical aspect includes two-party, three-party and group AKA protocols and their models, and a one-round AKA protocol and its model with strong forward secrecy. The practical aspect includes the SIP protocol and roaming authentication protocols in wireless networks. More precisely:

(1) An analysis of a two-party anonymous AKA protocol based on password and smart card is given. An off-line password attack and a key compromise impersonation (KCI) attack are pointed out. Moreover, an improvement of the two-party AKA protocol is given and a new security property, untraceability, is added. Under the ECGDH assumption, the new protocol is provably secure. Compared with the related AKA protocols based on password and smart card, the new protocol has better performance in security, computation cost and storage cost.

(2) A strong security property, resistance to the ephemeral key reveal attack, which is needed in AKA protocols, is brought to AKA protocols using password and smart card. A strongly secure two-party AKA protocol using smart card and a strongly secure three-party AKA protocol using smart card are proposed. Meanwhile, the first security model for AKA protocols using password and smart card that includes the ephemeral key reveal attack is proposed. The security proof of the proposed protocols is given in the new security model. The reason why resistance to the ephemeral key reveal attack cannot be achieved in AKA protocols using only a password is also given in this paper.

(3) Group AKA protocols based on password in the standard model are studied. Based on the smooth projective hash function, a group AKA protocol with different passwords is presented. If one of the group users is corrupted, the entire system does not collapse, since every user in the system uses a different password. On the basis of the smooth projective hash function, non-interactive and non-malleable commitment, and the DDH assumption, the new group AKA protocol is provably secure in the standard model.

(4) The one-round AKA protocol with strong forward secrecy using public key cryptography is studied, and the key compromise impersonation (KCI) attack is further divided into two attacks: the strong KCI attack and the weak KCI attack. A new model for AKA protocols that includes these two attacks and forward secrecy is presented. On the basis of the well-known mOT protocol, mOT+ and mOT++ are proposed, where mOT++ uses a weak assumption. Both protocols are provably secure in the proposed model.

(5) The SIP protocol across different domains is studied and a new certificateless AKA protocol for SIP is proposed. The new AKA protocol allows two users in different Key Generation Centers to run the SIP protocol securely. The security analysis is given in the random oracle model, provided the GBDH assumption holds. The technique used in the protocol is applicable to other cross-domain authentication, which makes point-to-point communication possible.

(6) The roaming authentication protocol for wireless networks is studied and a privacy-preserving roaming authentication framework is proposed. The framework includes the authentication between the mobile user and the foreign server, and the authentication between users who belong to different servers. The security analysis uses the AVISPA tool, which shows that the protocols have the security properties of AKA protocols. The proposed method is a general method that is also applicable to other distributed networks such as Wireless Mesh Networks and Vehicle Networks.
Keywords/Search Tags: Authenticated key agreement protocol, Provably secure, Password, Security model