This paper presents a new security notion for key exchange (KE) protocols called resiliency. That is, if a shared secret between a group of parties is compromised or leaked, they can generate another completely new shared secret without the need to set up a new KE session. We present an identity-based authenticated KE protocol that satisfies the resiliency security property. We prove that if an l-bit shared secret key (SSK) is leaked, then two parties P-1 and P-2 can safely generate another shared secret SSK1 without the need to establish a new session. We adjust the unauthenticated adversarial model of the Canetti-Krawczyk to meet this security property and prove the security of the proposed protocol using the Canetti-Krawczyk model based on the quadratic residuosity assumption.

• 出版日期2015-9-10