On the Design of Key Exchange Protocol and its Variants

Abstract

With the advancement in Internet-based technologies, network applications are no longer just limited to one-to-one communication; instead, it has become a publicly accessible resource. Regardless of this growth, such applications bring specific challenges concerning authentication, integrity, and privacy. Cryptography stands as an ideal solution to overcome these issues through an interactive method of secure communication called Key Exchange. Key exchange protocols allow two or more entities to agree upon a shared secret transmitted over a public channel without revealing any information to an eavesdropper.
This thesis contributes to the design and analysis of the variants of key exchange protocols along with their applications. As per the security requirements, the proposed schemes are either designed in an interactive model or a non-interactive model. Each scheme undergoes a series of formal and informal security analysis. The formal analysis provides simulation result using cryptographic models. Whereas, an informal analysis showcases the theoretical proves on known attacks where an adversary controls the network. The performance analysis maps the protocol’s efficiency based on the computation cost and communication size.
The first contribution introduces an interactive two-party authenticated key exchange protocol. We begin by investigating the security flaws in an existing system such as, lack of user anonymity, trace attack, clogging attack, and failure to resist replay attack. Then proposed an authenticated self-certified key exchange protocol that overcomes the addressed issues. Also, it eliminates the requirements of a trusted certificate authority to authorize the entities. The scheme achieves anonymity during session execution, mutual authentication and enables session key agreement.Based on the ideology, an application is designed, forsecure communication between ad-hoc nodes in a mobile ad-hoc network.
The second contribution contributes to the design of an Identity-based authenticated three-party key exchange protocol that overcomes the incapability of managing huge
peer-to-peer communication and high computation cost faced by two-party authenticated key exchange protocols. The proposed scheme preserves user privacy by enabling the property of anonymity and ensures non-repudiation. Based on the ideology, an application is designed to establish a secure session key between two users with the help of a trusted server for an electronic payment system.
The third contribution proposes an interactive pairing-free certificateless authenticated group key agreement scheme suitable for a resource constrained mobile network. The scheme allows any user to join or leave the group dynamically. The key agreement protocol devised in this scheme ensures un-deniability property by incorporating the signcryption, and unsigncryption algorithm.
The final contribution presents a non-interactive Identity-based deniable authentication protocol that allows an intended receiver to identify the origin of a given message without being able to prove sender’s identity to a third party.