Tripartite Authenticated Key Agreement Protocols from Pairings [chapter]

Sattam S. Al-Riyami, Kenneth G. Paterson
2003 Lecture Notes in Computer Science  
Joux's protocol [29] is a one round, tripartite key agreement protocol that is more bandwidthefficient than any previous three-party key agreement protocol. But it is insecure, suffering from a simple man-in-the-middle attack. This paper shows how to make Joux's protocol secure, presenting several tripartite, authenticated key agreement protocols that still require only one round of communication. A pass-optimal authenticated and key confirmed tripartite protocol that generalises the
more » ... station protocol is also presented. The security properties of the new protocols are studied using provable security methods and heuristic approaches. Applications for the protocols are also discussed.
doi:10.1007/978-3-540-40974-8_27 fatcat:tjml4y5zqvgodpfhvrxfepdfce