Research On Provably Security Model For AKE Protocol

In the middle of 1990's, Bellare and Rogaway first introduced provably security theory into studying security protocols, which left drawbacks of complexity and high cost since it was first based on the standard model. Since Bellare and Rogaway had proposed random oracle model (ROM) methodology, and brought this idea into formal analysis, many scholars took use of ROM to present the security of some given protocols. There is a rapidly growing appreciation of provably security in practice, which was known only as a pure theory in the past. Provably security is of important theoretical significance and application value.Research of this paper is mainly on provably security model of AKE. People's attention has been drawn by two merits of AKE protocols. One is to agree on a common session key; the other is to realize mutual authentication.The main contents of this paper are as follows:(1)Present a Weil pairing-based four-party PAKE protocol,4PAKE.(2)Analyse and discuss the security of 4PAKE in the improved BPR2000 model. By formal description of the capabilities of adversary, and the security objectives, the success probability of adversary in attacking 4PAKE is negligible through the adoption of "hybrid" technique and game theory; in other words,4PAKE is proved secure.(3)Propose a new adversary model for AKE protocols in the light of the incompletion of current mainstream adversary model. The potential attack type of the adversary is enriched, and the attack scene is also taken more consideration, and accordingly a strong definition of security is given. In the new model, the security defects of 4PAKE protocol are found, and the amendments are proposed, a new improved 4PAKE agreement is is formed upon the modifications. It is of smaller key-scale and obvious advantages in computing speed and communication cost than other similar protocols.Study results of this paper indicate that new adversary model composing of the definition of strong security for the design and analysis of AKE protocols has a broader application range compared to the other models.