Paper 2011/195
An ID-based three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments
Debiao He and Yitao Chen
Abstract
For secure communications in public network environments, various three-party authenticated key exchange (3PAKE) protocols are proposed to provide the transaction confidentiality and efficiency. In 2009, Yang et al. proposed an efficient three-party authenticated key exchange protocol based upon elliptic curve cryptography(ECC) for mobile-commerce environments. Because the elliptic curve cryptography is used, their 3PAKE protocol has low computation costs and light communication loads. However, Tan demonstrated that Yang et al.’s protocol suffers from the impersonation attack and the parallel attack. Tan also proposed an enhanced protocol to improve the security and the performance. However, Yang et al.’s protocol and Tan’s protocol bases on the public key infrastructure(PKI). Then the server has to maintain the certificates for users’ public keys. When the number of users is increased, the server needs a large storage space to store users’ public keys and certificates. In addition, the server needs additional computations to verify the other’s certificate in their protocols. This causes the computation loads and the energy costs of mobile devices very high. In this paper, we propose an ID-based 3PAKE using ECC. Compared with the related protocol, our protocol does not need additional computations to verify certificate and has the better performance. Then our protocol is more suitable and practical for mobile-commerce environments.
Metadata
- Available format(s)
- -- withdrawn --
- Publication info
- Published elsewhere. The paper has not been published.
- Keywords
- ID-basedThree-party key exchangeElliptic curve Cryptosystem
- Contact author(s)
- hedebiao @ 163 com
- History
- 2011-07-20: withdrawn
- 2011-04-25: received
- See all versions
- Short URL
- https://ia.cr/2011/195
- License
-
CC BY