CLORKE-SFS: Certificateless one-round key exchange protocol with strong forward security in limited communication scenarios

Abstract

Certificateless one-round key exchange (CL-ORKE) protocols enable each participant to share a common key with only one round of communication which greatly saves communication cost. CL-ORKE protocols can be applied to scenarios with limited communication, such as space communication. Although CL-ORKE protocols have been researched for years, lots of them only consider what secrets can be compromised but ignore the time when the secrets have been corrupted. In CL-ORKE protocols, the reveal of the long-term key attacks can be divided into two different attacks according to the time of the long-term key revealed: the attack to weak Forward Security (wFS) and the attack to strong Forward Security (sFS). Many CLKE protocols did not take into account the sFS property or considered sFS as wFS. In this paper, we first propose a new security model for CL-ORKE protocols which considers the sFS property as well as the Ephemeral Key Reveal attack. Then, we give a CL-ORKE protocol which is called CLORKE-SFS. CLORKE-SFS is provably secure under the proposed model provided the Elliptic Curve Computational Diffie-Hellman (ECCDH) and the Bilinear Computational Diffie-Hellman problem (BCDH) assumption hold. The security model and the protocol may give inspiration for constructing one-round key exchange protocols with perfect forward security in certificateless scenarios.