Research Article
Authenticated Diffie-Hellman Key Agreement Scheme that Protects Client Anonymity and Achieves Half-Forward Secrecy
Table 1
Summary of performance comparison among two-party key agreement schemes with client anonymity.
Note : : the bit length of RSA modulus N; : the length of hash function ( and ); : the length of string representation of one elliptic curve point, and denotes the bit length of q. : the bit length of timestamp; : the length of identity; : the length of nonce.

Note : : time complexity of one elliptic curve point multiplication; : time complexity for one elliptic curve point addition; : time complexity for one XOR operation; : time complexity for one hash operation; : time complexity of one modular exponentiation; : time complexity of one modular multiplication; : time complexity of one symmetric encryption.

Note : The session key security was based on the privacy of nonce and the fixed D-H key (the fixed key ). If one private key of either the server or the client is compromised, then the long-term, fixed D-H key is compromised and one of the nonces is compromised; therefore, its security is not as strong as the ECDHP.

Note : Our scheme applies hashing to protect the dynamic identity while other schemes use encryption of identity to protect anonymity; therefore, we can simplify the comparison by assuming .

Note : Chien [12] reported the failure of client anonymity of Yoon-You’s scheme [11].