Minghua Qu

An Efficient Protocol for Authenticated Key Agreement

This paper proposes an efficient two-pass protocol for authenticated key agreement in the asymmetric (public-key) setting. The protocol is based on Diffie-Hellman key agreement and can be modified to work in an arbitrary finite group and, in particular, elliptic curve groups. Two modifications of this protocol are also presented: a one-pass authenticated key agreement protocol suitable for environments where only one entity is on-line, and a three-pass protocol in which key confirmation is additionally provided. Variants of these protocols have been standardized in IEEE P1363 [17], ANSI X9.42 [2], ANSI X9.63 [4] and ISO 15496-3 [18], and are currently under consideration for standardization and by the U.S. governments National Institute for Standards and Technology [30].

Analysis of the Weil Descent Attack of Gaudry, Hess and Smart

We analyze the Weil descent attack of Gaudry, Hess and Smart [11] on the elliptic curve discrete logarithm problem for elliptic curves defined over finite fields of characteristic two.

Factorizations in the elementary Abelian p-group and their cryptographic significance

Let G be a finite group and let Ai 1 ≤ i ≤ s, be subsets of G where ¦Ai¦ ≥ 2, 1 ≤ i ≤ s and s ≥ 2. We say that (A1, A2,..., A3) is a factorization of G if and only if for each g ε G there is exactly one way to express g = a1a1a2··· a3, where aj ε Ai, 1 ≤ i ≤ s.The problem of finding factorizations of this type was first introduced by Hajos [3] in 1941. Since then a number of papers have appeared on the subject. More recently, Magliveras [6] has applied factorization of permutation groups to cryptography to obtain a private-key cryptosystem. Factorizations in the elementary abelian p-group were exploited (but not explicitly stated in these terms) by Webb [13] to produce a public-key cryptosystem conceptually similar to cryptosystems based on the knapsack problem.Using the result that certain types of factorizations in the elementary abelian p-group are necessarily transversal (a term introduced by Magliveras), this paper shows that the public-key system proposed by Webb is insecure.

Cryptanalysis of the Sakazaki-Okamoto-Mambo ID-based Key Distribution System over Elliptic Curves

In 1997, H. Sakazaki, E. Okamato and M. Mambo [6] proposed an ID-based key distribution system on an elliptic curve over ℤ n . We will cryptanalyze the scheme and demonstrate that when the hashed ID length is about 160 bits, the scheme is insecure. To be specific, after requesting a small number of keys from the Center, our attack allows a new valid key to be constructed without any further interaction with the Center.