A resilient identity-based authenticated key exchange protocol
This paper presents a new security notion for key exchange (KE) protocols called resiliency: if a shared secret between a group of parties is compromised or leaked, they can generate another, completely new shared secret without the need to set up a new KE session. We present an identity-based authenticated KE protocol that satisfies the resiliency security property. We prove that if an l-bit shared secret key (SSK) is leaked, then two parties P1 and P2 can safely generate another shared secret SSK1 without the need to establish a new session. We adjust the unauthenticated adversarial model of Canetti–Krawczyk to meet this security property and prove the security of the proposed protocol in the Canetti–Krawczyk model, based on the quadratic residuosity assumption.