The Study Of Certificateless Authenticated Key Exchange Protocol

An authenticated key exchange protocol allows two or more parties of communication in an insecure public network to establish a secret session key,which is an important research branch of modern cryptography and implement the important foundation of secret communication.Certificateless public key cryptography not only avoid the certificate management in traditional public key cryptosystem but also overcome the escrow problem in identity-based public key cryptosystem,therefore has important theory value and broad application prospects.In this paper,a certificateless one-pass authenticated key exchange protocol and its security mode is studiedl.Compared with two-pass authenticated key exchange protocol,one-pass authenticated key exchange protocol allows the sender without interacting with the responder to generate the session key,which has application prospect in the field of encrypted E-mail.The main results are as follows:A security model for certificateless one-pass authenticated key exchange protocol was defined.In certificateless cryptography,two types of adversaries are considered.A Type-? adversary who can replace the public key of participants of protocol does not have access to the master-key of system.A Type-? adversary knows the master-key of system but cannot replace the public key.In this paper,a security model is proposed by integrating the two types of adversary capabilities which is suitable for certificateless one-pass authenticated key exchange protocol.A certificateless one-pass authenticated key exchange protocol is presented without expensive pairing operations.The security of our protocol is proved under Gap Diffie-Hellman(Gap-DH)assumption in security model.This protocol is relatively efficient because there is pairing operations in our protocol.In this paper,we do research in password-based authenticated key exchange protocol.First of all,in order to resist server information leakage problem,we point out the omission of subgroup validation may result in some security weakness by analyzing the protocol SPAKE2+.Secondly,we propose a new password-based authenticated key exchange protocol(MDHKE+)based on MDHKE protocol and trapdoor test technique.Compared with SPAKE2+,our protocol is reduced two exponentiations more efficient.