An Extension of a Universally Composable Framework for Authenticated Identity-based Key Agreement
Abstract
Several frameworks for the security analysis of protocols, based on the modularity of Universal Composability, can be found in the literature. Although most of them support a variety of cryptosystems, identity-based cryptography is usually not among them. In this paper, we present and prove an extension of a framework to support identity-based key agreement. To validate our solution, we sketch the security analysis of a real mutual authentication protocol proposed for an IoT context.
Keywords:
Universal Composability, Security Analysis of Protocols, Identity-based Cryptography, Internet of Things
Published
2021-10-04
How to Cite
MAIA NETO, Antonio L.; CUNHA, Ítalo; OLIVEIRA, Leonardo B. An Extension of a Universally Composable Framework for Authenticated Identity-based Key Agreement. In: BRAZILIAN SYMPOSIUM ON INFORMATION AND COMPUTATIONAL SYSTEMS SECURITY (SBSEG), 21., 2021, Belém. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2021. p. 141-154. DOI: https://doi.org/10.5753/sbseg.2021.17312.