An Identity-Based Authenticated Key Exchange Protocol Resilient to Continuous Key Leakage

Identity-based authenticated key exchange (ID-AKE) protocol is an important cryptographic primitive, which is used to establish a session key between two communication participants while authenticating each other. Indeed, most of the existing ID-AKE protocols do not concern with side-channel attacks in the sense that adversaries could obtain partial information of ephemeral/permanent secret keys of users. Recently, several leakage-resilient ID-AKE (LR-ID-AKE) protocols have been proposed to address such attacks. However, these LR-ID-AKE protocols have a restriction that the total leakage information during the life time of the LR-ID-AKE protocol must be bounded to some ratio of ephemeral/permanent secret keys. In this paper, the authors define a new adversary model, termed as identity-based continuous-leakage extended Canetti-Krawczyk (ID-CL-eCK) model. Using the key refreshing procedure (i.e., the multiplicative blinding technique) of permanent secret keys, the first LR-ID-AKE protocol resilient to continuous key leakage is proposed, and it possesses overall unbounded leakage property. Comparisons are given to demonstrate that the proposed protocol is better than the previously proposed ID-AKE protocols in terms of security models and leakage properties. Under the generic bilinear group model, security analysis is made to show that the proposed LR-ID-AKE protocol is secure against adversaries in the new ID-CL-eCK model.