Unbalancing Pairing-Based Key Exchange Protocols
نویسنده
چکیده
In many pairing-based protocols more than one party is involved, and some or all of them may be required to calculate pairings. Commonly it is the pairing calculation itself which takes most time. However some parties may be better equipped than others in terms of computational power. By exploiting the bilinearity property there are established ways to off-load the pairing calculation to an untrusted third party. Here we observe that this third party may in fact be one of the other participants in the protocol. In this way a protocol may be “unbalanced” by shifting the computational load from one participant to another, which may be an advantage in some circumstances. In this paper we focus on some simple key exchange protocols. Surprisingly we find that unbalancing a key exchange protocol can endow it with the property of full forward secrecy, even if it did not originally possess it. Finally we show that a new condition on the choice of pairing-friendly curve can help to minimize the overall computation.
منابع مشابه
Diffie-Hellman type key exchange protocols based on isogenies
In this paper, we propose some Diffie-Hellman type key exchange protocols using isogenies of elliptic curves. The first method which uses the endomorphism ring of an ordinary elliptic curve $ E $, is a straightforward generalization of elliptic curve Diffie-Hellman key exchange. The method uses commutativity of the endomorphism ring $ End(E) $. Then using dual isogenies, we propose...
متن کاملEfficient identity-based authenticated multiple key exchange protocol
Authenticated multiple key exchange (AMKE) protocols not only allow participants to warrant multiple session keys within one run of the protocol but also ensure the authenticity of the other party. Many AMKE protocols using bilinear pairings have been proposed. However, the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over ...
متن کاملEfficient identity-based authenticated multiple key exchange protocol
Authenticated multiple key exchange (AMKE) protocols not only allow participants to warrant multiple session keys within one run of the protocol but also ensure the authenticity of the other party. Many AMKE protocols using bilinear pairings have been proposed. However, the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over ...
متن کاملEfficient, Pairing-Free, One Round Attribute-Based Authenticated Key Exchange
In this paper, we present a single round two-party attribute-based authenticated key exchange protocol. Since pairing is a costly operation and the composite order groups must be very large to ensure security, we focus on pairing free protocols in prime order groups. We propose a new protocol that is pairing free, working in prime order group and having tight reduction to Strong Diffie Hellman ...
متن کاملStrongly Secure One-Round Group Authenticated Key Exchange in the Standard Model
One-round group authenticated key exchange (GAKE) protocols typically provide implicit authentication and appealing bandwidth efficiency. As a special case of GAKE – the pairingbased one-round tripartite authenticated key exchange (3AKE), recently gains much attention of research community due to its strong security. Several pairing-based one-round 3AKE protocols have recently been proposed to ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2013 شماره
صفحات -
تاریخ انتشار 2013