The Study On Authenticated Tripartite Key Exchange Protocol

In 1976, Diffie-Hellman (DH) key exchange protocol was firstly proposed to solve theproblem of how two sides without a pre-shared secret negotiate a session key which opensup a new direction for public-key cryptography . However DH protocol can't resist man-in-middle attack due to lack of authentication. Many researchers have proposed the authen-ticated key exchange (AKE) protocol to resist the man-in-middle attack. In view of thediversity of means of attack from attacker, the formal security model was used to prove thesecurity of the AKE protocol.With the continuous development of the Internet, there have been many scenarios in-volving a tripartite communication, such as e-commerce related to buyers, sellers and trustedthird party, mobile roaming related to the terminal, the local server, remote server. However,the tripartite key exchange protocols lack formal security model, these tripartite protocolsare lack of proof. In view of the importance of the security model for design of protocol, wedo further study on security model of the tripartite key exchange protocol, and our resultsinclude:We extend the two-party eCK security model to tripartite eCK security model. Com-pared to the previous tripartite CK model, our model contains the Key CompromiseImpersonation (KCI) attack and Ephemeral Key Compromise attack.Tripartite is a special case of multi-party which suffers from insider attack, the existingtripartite key exchange protocols did not take into account the insider attack, or didnot give a strict proof of insider resilience. We model the insider attack to furtherstrengthen the tripartite eCK security model so that it can resist the insider attack.We propose a tripartite key exchange protocol which is shown secure in the our tripar-tite secure model. Compared with previous protocols, our protocol have enhanced thesecurity without loss of efficiency.Taking into account that the tripartite key exchange protocols may suffer from partialKCI attack, we further refine the definition of freshness, so that the model is strength-ened to cover partial KCI attack.