Strongly-secure And Efficient Key Agreement Protocol

Although cryptography is the basis of network security, the network security should not only rely on the security of encryption algorithms. Key agreement protocols based on cryptography are message exchange protocols, which aims to provide a variety of security services in the network environments. Key agreement protocols can be used to agree on a common session key between different users in the insecure network.Then the session key can be used to encrypt message with efficient symmetry algorithm. Security and efficiency is the current research focus of the key agreement protocol. The main content of this thesis are:Firstly, this paper presents a new authenticated key agreement protocol base on PKI, named AKA-1. Compared with previous protocols, our proposal is more efficient and proven in newly enhanced Canetti-Krawczyk (eCK07) model under the random oracle assumption (ROM) and the computational Diffie-Hellman (CDH) assumption. We use a new technique named trapdoor test, recently proposed by Cash, Kiltz and Shoup, leaving out the help of the decision Diffie-Hellman oracle. In addition, we present a one-pass variant (for only one entity on line) and three-pass variant (providing key confirmation) of AKA-1 for different applications.Secondly, we present an efficient ID-based authenticated key agreement protocol (IDAKA-1) under the random oracle assumption and the gap Bilinear Diffie-Hellman (GBDH) assumption. Compared with previous ID-based protocols, our proposal enjoys intuitive design principles. Due to the reduction of pairing operations, our proposal is much more efficient and shown to be secure in the newly enhanced Canetti-Krawczyk (eCK07) model. In addition, we give a 3-message variant of IDAKA-1, called IDAKA-C, which provides key confirmation and perfect forward security and may be more applicable. Meanwhile, its computational cost is essentially the same as IDAKA-1.In addition, this paper provides the C++ program implementation for the AKA-1 protocol, which achieves the protocol functions. After the established connection between the server and the client, they can consult with a common session key according to the needed key length. Then the session key can be used to carry out secure communications whit efficient and secure symmetric algorithm-AES. In our program the key length is 2048 bits, which meet the need of most applications and the hash algorithm is SHA-256.