Abstract

This paper investigates the two-pass (one round) authenticated key exchange protocol in the enhancedCanetti-Krawczyk (eCK) model with perfect forward security against active adversary. Currently,there exist no authenticated key exchange protocols which are provably secure in the eCK model andmeanwhile achieve perfect forward security against active adversary in one round.We propose a new two-pass (one round) authenticated key exchange protocol which enjoys fol-lowing desirable properties.First, our protocol is shown secure in the eCK model under the gapDiffie-Hellman (GDH) assumption. Moreover, our protocol does not use the NAXOS transformation,the drawback of which will be discussed in the introduction.Second, under the same assumption,we prove that our protocol achieves perfect forward security against active adversary in one round.To the best of our knowledge, our proposal is the first two-pass (one round) authenticated keyexchange protocol provably secure in the eCK model and achieving perfect forward security againstactive adversary.