A new session key agreement protocol in distributed trusted centers environment

Abstract

A new authentication and session key agreement protocol in distributed trusted centers environment is proposed according to the analysis of several key agreement protocols. This protocol is composed by three layers: the layer of management center (MTC0), the layer of trusted centers (TCs), and the layer of users belonging to different TCs. The protocol is performed by two steps. The first step deals with the interrelated tasks among TCs, it includes the user registration in TC, the signature of user's identity, and the generation of user's private key. The next step is the authentication of user's identity between different TCs, and the generation of session key. This paper analyses the rationality and security of this session key agreement protocol. This system is effective in system structure and in system parameters selection. It resolves the problems about the authentication and generation of session key between users in distributed TCs. It prevents the man-in-middle attack, and reduces the disaster that might be brought by the exposing of master key owned by the distributed TCs. It has perfect forward secrecy, key control security, and unknown key share security, etc. At the end of this paper, we analyze the flaws and propose the future works about this protocol.