Design And Analysis Of Attribute Based Authenticated Key Exchange Protocols

Attribute based encryption (ABE) has attracted many attentions in recent years, since it canprovide flexible fine-grained access control structures for large-scale distributed systems. Basedon the research of ABE schemes, researchers begin to construct attribute based authenticated keyexchange (ABAKE) protocols. Compared with other AKE protocols, ABAKE protocols not onlycan generate secure session keys for encryption algorithms, but also can achieve fuzzyauthentication and safeguard users’ privacy for inheriting the advantages of ABE schemes andthen can be implemented in some given settings, such as electronic voting system, Internet chatrooms. Therefore, to desigine secure, efficient and practical ABAKE protocol is valuable intheory and application. But so far, literature about ABAKE is poor, and available schemes haveseveral drawbacks, such as that they are all proved secure in the selective-secure model, and willdisclose users’ privacy in some degree, and are all designed in the environment with a singleattribute authority. Focused on the drawbacks mentioned above, in this thesis, we address withthe problem of designing ABAKE protocols which are based on available ABE schemes and areproved secure, and can also satisfy given requriements of security and applicantion. The mainresults got in this thesis are followings:(1) ABAKE protocols with full security and attribute-hiding are researched. Firstly, basedon an ABE scheme with full security we propose an ABAKE protocol with full security, which isproved secure in modified eCK model, and strengthens security without increasingcomputational complexity and communication cost. Secondly, we present an ABAKE protocolwith attribute-hiding, namely predicate based authenticated key exchange protocol. The newprotocol, which is also proved secure in modified eCK model, inherits the advantages ofpredicate encryption, and preserves users’ privacy perfectly.(2) ABAKE protocols designed in the environment with multiple attribute authorities arepresented. Based on ABAKE protocols in the environment with a single attribute authority, anABAKE which can be implemented in the environment with multiple attribute authorities isdesigned. And then users from different attribute domains can establish shared session keys. Byutilizing NAXOS technique, we could reduce the security of the new protocol to some standardassumptions in the modified eCK model. In addition, the computational complexity of theproposal is approximately equal to the ABAKE protocols in the environment with a singleattribute authority.(3) A new kind of two-factor AKE protocol using attributes and passwords is introduced.Firstly, cryptanalysis of a smart card based password authenticated key exchange protocol whichis designed for telecare information system is presented, and we point out that the protocol failsto achieve two-factor authentication. Then an improved scheme, which realizes true two-factorauthentication without increasing the computational cost obviously, is proposed. Secondly, bycombining attribute and password authentication techniques, we extend the function of ABAKEprotocols, and design a two-factor AKE protocol using attributes and passwords. The proposalnot only achieves true two-factor authentication, namely a successful authentication requires the user to hold correct password and private key at the same time, but also enjoys both advantagesof attribute authentication and password authentication. In addition, we formally define thesecurity model for this kind of two-factor AKE protocol, and present the security proof of theproposal in the model.