An Enhanced Two-Party Key Agreement Protocol in the Key Escrow Mode

In an open and distributed environment, authenticated key agreement protocol, as an important cryptographic primitive, is used to authenticate entities and establish session key in order to provide secure communications. Key escrow is essential in situations where confidentiality and audit trail are legal requirements, whilst perfect forward secrecy and known session-specific temporary information secrecy attributes are desirable to provide stronger security. In this paper, we give a cryptanalysis on the scheme due to Wang et al., which is based on the identity-based encryption scheme proposed by Gentry (Eurocrypt'06), and then present an enhanced secure two-party identity-based authenticated key agreement protocol. The new proposed protocol achieves most of the required security attributes and can be used properly in the escrow mode. Security analysis shows that it achieves the attributes of known-key secrecy, key-compromise impersonation resilience, unknown key-share resilience and no key control. In addition, it captures the perfect forward secrecy and known session-specific temporary information secrecy attributes.