标准模型下可托管的基于身份认证密钥协商

现有会话密钥可托管的ID-AKA(IDentity-based Authenticated Key Agreement)协议要么存在已知安全缺陷,要么是在随机预言模型下可证明安全.基于Boneh等人定义的安全陷门函数,提出一种会话密钥可托管的ID-AKA协议.在ID-BJM模型基础上,扩展定义了ID-AKA协议分析的标准安全模型.扩展模型将安全游戏划分为两个阶段,去除了随机预言机,能完备地模拟不同类型敌手的行为.在扩展模型下,新协议的安全性被规约为多项式时间敌手求解判定性BDH(Bilinear Diffie-Hellman)难题和判定性BDHI(Bilinear Diffie-Hellman Inversion)难题,具有可证明安全性.

Escrowable Identity-Based Authenticated Key Agreement in the Standard Model

In recent years, a few escrowable ID-AKA protocols have been proposed, but none of them are provably secure in the standard model while simultaneously having strong security.The main issue is how a simulator is able to deal with reveal-queries without the help of random oracles.In this paper, we presented a method incorporating a built-in security trapdoor function in an escrowable ID-AKA protocol.The security of our protocol relied on the hardness of the decisional Bilinear Diffie-Hellman Inversion problem.Meanwhile, we extended the security game of ID-AKA protocols to resist stronger adversarial powers, which allowed our security game to capture additional security properties such as perfect forward secrecy, ephemeral secrets reveal resistance and so on.Assuming that no adversary can obtain the master secret key and each party in the protocol has at least one uncompromised secret, our scheme is secure.