ID-based Tripartite Multiple Key Agreement Protocol Facilitating Computer Auditing and Transaction Refereeing

便於線上稽核及交易仲裁之身分基礎式三方金鑰協定

10.6382/JIM.200610.0016

簡宏宇(Hung-Yu Chien)

安全 ； 稽核 ； 金鑰協議 ； 雙線性配對 ； 橢圓曲線 ； security ； auditing ； key agreement ； bilinear pairing ； elliptic curve

資訊管理學報

13卷4期（2006 / 10 / 01）

185 - 203

英文

為了便於電腦稽核或交易仲裁，系統需要保存真實資料。然而，通常通訊雙方會將通訊內容予以加密以防止不法份子之竊聽或攻擊；如此將造成稽核者或仲裁者無法線上即時予以監控或直接介入通訊。此一惱人的問題自從Joux設計出第一個高效率之三方式金鑰協定後，將得以有效的解決。一個三方式金鑰協定允許通訊的三方可以高效率的進行金鑰協議進而對彼此通訊做安全之加密，如此仲裁者或稽核者便可以安全地加入通訊雙方。然而，現今已發表之三方金鑰協定仍存在著諸多的安全弱點。此篇論文將檢視一些近日發表論文之弱點，並提出一新的機制以改善安全功能及效率。我們將在修訂之Bellare-Pointcheval-Rogaway模型中證明此協定的安全。

Computer auditing and transaction refereeing require the system to keep genuine records. However, it is difficult for an auditor or a referee to on-line audit the contents or involve in the communication while the communication is kept confidential from others. This problem has a promising solution, when Joux proposed the first efficient tripartite key agreement protocol that enables three parties (that might include one referee) to establish a secure session key. However, several published schemes are not secure. This paper examines the weaknesses, and then proposes an ID-based tripartite multiple key agreement protocol to raise the level of security and improve the efficiency. The security is proved in a modified Bellare-Pointcheval-Rogaway model.

1. Al-Riyami, S. S.,Paterson, K. G.(2003).Tripartite Authenticated Key Agreement Protocols from Pairings.IMA Conference on Cryptography and Coding, LNCS 2898
2. Bellare, M.,Pointcheval, D.,Rogaway, P.(2000).Authenticated key exchange secure against dictionary attacks.Eurocrypt 2000, LNCS 1807.
3. Bellare, M.,Rogaway, P.(1995).27th ACM Symposium on the Theory of Computing.ACM press.
4. Canetti, R.,Krawczyk, H.(2001).Analysis of key-exchange protocols and their use for building secure channels.Eurocrypt 2001, LNCS 2045.
5. Cryptology ePrint Archive, Report
6. Choo, K. K. R.,Boyd, C.,Hitchcock, Y.,Greg, M..On session identifiers in provably secure protocols.in Fourth Conference on Security in Communication Networks-SCN 2004, LNCS 3352
7. Hess, F.(2002).Efficient identity based signature schemes based on pairings.SAC 2002, LNCS2595.
8. Hitchcock, Y.,Boyd, C.,Nieto, J. M. G..Tripartite key exchange in the Canetti-Krawczyk proof model.5th International Conference on Cryptology in India-Indocrypt 2004
9. Joux, A.(2000).A one round protocol for tripartite Diffie-Hellman.ANTS IV, LNCS1838.
10. Liu, S.,Zhang, F.,Chen, K.(2003).ID-based tripartite key agreement protocol with pairing.Proc. IEEE ISIT 2003.
11. Nalla, D.,Reddy, K. C.(2003).ID-based tripartite authenticated key agreement protocols from pairings.Cryptology ePrint Archive, Report.
12. Shim, K.(2003).Efficient one round tripartite authenticated key agreement protocol from Weil pairing.Electron. Lett.,39(2),208-209.
13. Shim, K.(2003).A man-in-the-middle attack on Nalla-Reddy's ID-based tripartite authenticated key agreement protocol.Cryptology ePrint Archive, Report.
14. Sun, H.-M.,Hsieh, B.-T.(2003).Security Analysis of Shim's Authenticated Key Agreement Protocols from Pairings.Cryptology ePrint Archive, Report.
15. Zhang, F.,Liu, S.,Kim, K.(2002).ID-based one-round authenticated tripartite key agreement protocol with pairings. Cryptology eprint Archive, Report.

1. Lee, Chin-Feng,Lai, Chi-Sung,Chien, Hung-Yu(2011).Secure Tripartite STS key Agreement Protocol in Random Oracle Model.資訊管理學報,18(2),215-235.