Leakage-Resilient Certificate-Based Authenticated Key Exchange Protocol

Abstract

Certificate-based public key cryptography (CB-PKC) removes the problem of certificate management in traditional public key systems and avoids the key escrow problem in identity-based public key systems. In the past, many authenticated key exchange (AKE) protocols based on CB-PKC systems, called CB-AKE, were proposed to be applied to secure communications between two remote participants. However, these existing CB-AKE protocols become insecure since attackers could compute and obtain the whole secret key from some partial leaked information of the secret key by side channel attacks. In this paper, our goal is to propose the <inline-formula><tex-math notation="LaTeX">$first$</tex-math></inline-formula> CB-AKE protocol with the property to resist side channel attacks, called leakage-resilient CB-AKE (LR-CB-AKE). The proposed LR-CB-AKE protocol is formally proven to be secure in the generic bilinear group (GBG) model under the discrete logarithm (DL) and computational Diffie-Hellman (CDH) assumptions.