Abstract:
Key agreement protocols are fundamental to establish communications between two or more parties over an insecure network. Authenticated key agreement protocols not only allow parties to compute the session key but also ensure the authenticity of the involved parties. The design of ID-based authenticated key agreement protocols, which are secure and efficient, remains an open question in the field of ID-based cryptography. In recent years, several ID-based two-party authenticated key agreement protocols have been proposed. However, we discover that these protocols are in fact insecure if the attacker has stronger ability of revealing the ephemeral private keys of parties. In this paper, a new ID-based two-party authenticated key agreement protocol is presented which possesses attribute of PKG forward security. In this protocol, the session key is calculated by the long-term private keys and ephemeral private keys of parties. It is provable secure under q-augmented bilinear Diffie-Hellman exponent (q-ABDHE) assumption in standard model. Analysis shows that the session key is also secure even if the attacker gets the long-term private keys or ephemeral private keys of parties. Compared with other protocols from security and performance, our protocol has a good balance between computational cost and security.