Research On CL-PKC One-way And Two-party Authenticated Key Agreement Protocol

With the rapid development of information technology, information security has been an important primitive. The key technology of information security, i.e. cryptography technology, has to be used to protect the information through the open channel from the adversary. Before using the cryptographic algorithms to encrypt the information, a session key has to be established among the users who will communicate through the open channel.One of the main methods for sharing the session key is the authenticated key agreement technique which mainly depends on the design of the authenticated key agreement protocol. The authenticated key agreement protocol is designed based on the pubilic key cryptosystems and the protocol designed based on CL-PKC(Certificateless Public Key Cryptography) performs better than the those based on PKI(Public Key Infrastructure) and ID-PKC(Identity-based Public Key Cryptography). One of the main branches of the authenticated key agreement is the two-party authenticated key agreement one of whose relization methods is the one-way two-party authenticated key agreement. In the one-way two-party authenticated key agreement protocol, only the initiator sends messages to the responder while the responder doesnot send message to the initiator. It considers both the security and the resource consumption.After the research of the existing CL-PKC one-way two-party authenticated key agreement protocols, the work are done as follows in this paper:(1) All exsiting CL-PKC one-way two-party authenticatied key agreement protocols have security problems, such as they cannot resist the leakage of ephemeral secret attack.After the analysis of the CL-PKC one-way two-party authenticated key agreement protocol proposed by Lei Zhang, it is clear that the protocol cannot resist the leakage of ephemeral secret attack. Then an attack scheme is proposed.(2) Based on the CL-PKC one-round two-party authenticated key agreement protocol security modle proposed by Lippold et al. a security modle suitable for CL-PKC one-way two-party authenticated key agreement protocol is proposed. Under this sucrity modle, as long as each party has one uncompromised secret, the protocol is secure.(3) Based on the security model, the protocol proposed by Lei Zhang is improved. The security of the improved protocol is relied on CDH(Compute Diffie-Hellman) problem and GBDH(Gap bilinear Diffie-Hellman) problem. By the formal proof of the six probable cases of the improved protocol, it is known that the protocol can cover the shortage of Lei Zhang protocol that it cannot resist the leakage of the ephemeral secret attack and meets all the one-way two-party authenticated key agreement protocol security requirements. Two extended directions for stronger securtiy performance are introduced, which are resistance to key compromise impersonation security and forward security.