Research On Three-party Key Agreement Protocols

It provides us more and more convenient services with the computer development and the internet wide applications since20th century, but it also brings a series of information security risks at the same time.In order to secure communications on an insecure channel, we need to encrypt conversations to make sure of confidentiality in reality applications. Participants call for establishing secret key. It proposed key agreement system for generation of key. The key agreement protocol is that participants in conversation cooperate to offer useful messages for key generation together, and then they get a session key and use it to protect the following conversation. At first, key agreement protocols adopted traditional asymmetric cryptography system, and then adopted identity-based encryption system. However, it occupies great amounts of computation. In order to avoid key escrow, certificateless key agreement cryptosystem has been proposed. In order to settle authentication for key exchange and avoid the man in the middle attack, password authenticated key exchange protocol has been proposed.In this thesis, three-party key agreement protocols are investigated concretely. In two-party model, participants are one server and one user, or two users. However, there exist three equal users or one trusted server and two users in three-party key exchange protocols.The main contributions in this thesis are as follows:(1) This paper proposes a novel three-party key agreement protocol without a trusted server. Three users take equal participation in key generation. This protocol is based on a new algebra structure which called tropical algebra. It satisfies known key security, resisting man in the middle attack and confidentiality of key. And it can protect from linear algebra attack efficiently. For its special structure, it has great advantage in computation complexity which only contains addition and taking the minimum.(2) This paper proposes a three-party password authenticated key exchange protocol, in which two users A and B share a password with a server S respectively. It can resist the man in the middle attack, dictionary attack, inner attack, keep known key security, forward security, and constitutionally agreement. And this paper compares it with some three-party password based key exchange protocols.