Key Agreement Phase Sample Clauses

Key Agreement Phase. In the key agreement phase, the actual symmetric secret shared SK between SM and SP is established. We denote the SM by the entity with identity ▇▇▇, key pair (dA, PA) and certificate certA. Similar, the SP is denoted by the entity with identity IDB, key pair (dB, PB) and certificate certB. The detailed description is as follows. SP broadcast: Every fixed period, the SP broadcasts the EC point M0 = {R2}. This point is computed by randomly choosing a variable r2 and R2 = r2P.
View SourceView Similar (4)
Key Agreement Phase. In the key agreement phase, the sensor node and the CS chooses an elliptic curve EP(a, b), y2 = x3 + ax + b mod P, where P is a generator point on EP(a, b). The key agreement phase generates a shared key between a sensor node (SN) and the CS. The entire key agreement process is illustrated in Figure 2. QSN = h(tokenSN || IDSN || STAMPp1 ) HDP1 = h(QSN || tokenSN || IDSN || STAMPp1 ) (IDSN , STAMPp1, QSN , HDp1 ) Step 1 Checks HD p1 , STAMPp1 QSN1 = h(tokenSN || IDSN || STAMPp1 ) QSN = ?QSN1 Step 2 Checks HD p 2 , STAMPp 2 Generates (F, f ), (R, r) Chooses a1 c (0, m1 ) HDp 2 = h(F || tokenSN || R || STAMPp 2 ) (F, R, a1, STAMPp 2 , HDp 2 ) Generates (E, e) Chooses a2 c (0, m2 ) HDp3 = h(QSN || tokenSN || IDSN || STAMPp3 ) (E, a2 , STAMPp3 , HDp3 ) Checks HD p3 , STAMPp3 y = hash(HDp1 || HDp 2 || HDp3 ) M = m * m , M = M / m , y = M –1(mod m )(1 S i S 2) y = hash(HDp1 || HDp 2 || HDp3 ) x ÷ a1 y1M1 + a2 y2M 2 (mod M ) SKSN = e(Fx + yR) x ÷ a1 y1M1 + a2 y2M 2 (mod M ) SKCS = E( fx + yr) Step 1: After the SN is registered, some initialization parameters are obtained, including the sensor node identity IDSN, the authentication token tokenSN, and the Chinese Remainder Theory parameters m1andm2. Then, the SN computes the most important authority message digest: QSN = h(tokenSN ||IDSN ||STAMPp1) and the hash digest of the current package HDp1, where the index variable p1 represents the first phase in key agreement. All these parameters, QSN, IDSN, STAMPp1, andHDp1, will be sent to the CS. After receiving these parameters, the CS computes QSN1 = h(tokenSN ||IDSN ||STAMPp1) and verifies whether the equation (QSN = QSN1) makes sense. If this equation is not true, this key agreement step will be stopped immediately. Step 2: After successful verification, the CS generates two pairs of public keys and private keys: (F, f ) and (R, r). Subsequently, the CS chooses a random number a1(0 < a1 < m1). Then, the CS sends parameters F, R, a1, STAMPPp2, and HDp2 to the sensor node. Step 3: When the sensor node receives the parameters from the CS, the sensor node generates a pair of public and private keys (E, e), chooses a random number a2(0 < a2 < m2), and then computes HDP3 = h(E||a2||tokenSN ||STAMPp3).
View Source
Key Agreement Phase. In the key agreement phase, two rounds are required for generating a common conference key for multiple partici- pants, and the way of message exchanges is with respect to the group data sharing model established by the structure E of the (v, k + 1, 1)-design.
View Source
Key Agreement Phase. In this phase, FA and HA can be authenticated, and a secure session key between MN and FA can be established. The steps of this phase are shown as follows. Step 1. HA computes K = EcP KF A (rMN ||rF A) and S = EcA(rMN rF A IDF A PKF A), and sends the message (K, S) to FA. Step 2. After receiving the message, FA decrypts K with d × PKHA to recover rMN and rF A. If the recovered rF A and the original one are identical, FA believes that the mobile user MN is a valid user. Then FA forwards S to MN. Step 3. Upon receiving the message S from FA, MN first decrypts S with e × PKHA, where e × PKHA = c × A, for recovering {rMN , rF A, IDF A, PKF A}. If the rMN and the IDF A are both verified, MN be- lieves that FA is authenticated. Finally, both MN and FA can compute the agreed session key SK = Ed×A(rMN ⊕ rFA) = Ee×PKF A (rMN ⊕ rFA). The above two phases are outlined in Figure 2.
View Source
Key Agreement Phase. This phase occurs between the vehicles 𝑉𝑖 and ▇▇ without an intervention of a third- party server. This phase is demonstrated in Fig. 2. 𝑝 𝑖 Step 1. 𝑉𝑖 selects a random number 𝑥 𝜖 𝑍∗ and calculates 𝜏 = 𝑥𝐺, and sends {𝐼𝐷 , 𝑅 , 𝜏 } to 𝑉 . �� 𝑖 𝑖 𝑗 𝑝 𝑖 Step 2. Upon reception of the message, ▇▇ selects a random number 𝑦 𝜖 𝑍∗ and 𝜏 = 𝑦𝐺 and sends the message < 𝐼𝐷𝑗 , ▇▇, 𝜏𝑗 > to 𝑉𝑖 . At the same time, it obtains the public key of 𝑉𝑖 as 𝑄𝑖 = 𝑅𝑖 + ℎ1(𝐼𝐷𝑖 ∥ 𝑅��)𝐾𝑝𝑢𝑏 and calculates 𝐾𝑗 = ℎ2(𝑑𝑗𝑄𝑖)𝑦𝜏𝑖 and the session key 𝑆𝐾𝑗 = ℎ3(𝐼𝐷𝑖 ∥ 𝐼𝐷𝑗 ∥ 𝐾𝑗 ∥ 𝑦𝑄𝑖 ∥ 𝑑𝑗 𝜏𝑖). Step 3. 𝑉𝑖 receives the message < 𝐼𝐷𝑗 , ▇▇, 𝜏𝑗 > and obtains public key 𝑄𝑗 = ▇▇ + ℎ1(𝐼𝐷𝑗 ∥ ▇▇)𝐾𝑝𝑢𝑏, and calculates ��𝑖 = ℎ2(𝑑𝑖𝑄𝑗)𝑥𝜏𝑗 and obtains the session key 𝑆𝐾𝑖 = ℎ3 (𝐼𝐷𝑖 ∥ 𝐼𝐷𝑗 ∥ 𝐾𝑖 ∥ 𝑥𝑄𝑗 ∥ 𝑑𝑖 𝜏𝑗 ). Fig. 2. Authentication process in Li et al.’s protocol 3.4. Weakness of Li et al.’s protocol The following summarizes security issues of ▇▇ et al.’s protocol.
View Source
Key Agreement Phase. This phase occurs between the vehicles and without an intervention of a third- party server. This phase is demonstrated in Fig. 2. Step 1. selects a random number ∗ and calculates = , and sends { , , } to . Step 2. Upon reception of the message, selects a random number ∗ and = and sends the message < , , > to . At the same time, it obtains the public key of as = + ℎ1( ∥ ) and calculates = ℎ2() and the session key = ℎ3( ∥ ∥ ∥ ∥ ). Step 3. receives the message < , , > and obtains public key = + ℎ1( ∥ ), and calculates = ℎ2() and obtains the session key = ℎ3 ( ∥ ∥ ∥ ∥ ).
View Source
Key Agreement Phase. ▇▇▇▇▇ and ▇▇▇ each chooses random values a, b ∈ Z∗. Given these initializations, the protocol is as follows: Protocol messages: A −→ B: TA=aP B −→ A: TB=bP . After the above messages are exchanged, ▇▇▇▇▇ com- putes KAB = e(QB, PB)a · e(xASA, TB), and ▇▇▇ computes KBA as follows: h(ID). (For example, ▇▇▇▇▇’s partial private key from TA is SA = sQA, where QA = h(▇▇▇)); KBA = e(QA , PA )b · e(xBSB , TA). 5) Finally, TA distributes the partial private key SID to the user with the identity information ID via a secure channel. After the above steps, ▇▇▇▇▇ and ▇▇▇ get their partial private key SA and SB, respectively. User Setup Phase. A user (▇▇▇▇▇) does the following to set up her public/private key pair (For simplic- ity of description, here we only describe a simplified version of user setup phase which is suitable for grid computing.): 1) She firstly chooses a xA ∈ Z∗ as her own-chosen partial private keys; 2) Then computes PA = xAPPub = xAsP as her public key; 3) Publishes her public key via an open directory that all users in the system have access to. After the above two setup phases, when another user (▇▇▇) wants to send a message to ▇▇▇▇▇, he must obtain ▇▇▇▇▇’s public key. However, no authentication of this public key is necessary and no public key certificate is required. 3.3 The ▇▇-▇▇▇▇▇▇-▇▇▇▇▇▇▇▇ ▇▇-AK Protocol Al-Riyami and ▇▇▇▇▇▇▇▇ also gave the first certificateless authentication and key agreement (CL-AK) protocol in [2]. Here we briefly review their protocol (hereafter re- ferred to as the AP’s CL-AK) [2]. The AP’s CL-AK pro- tocol consists of two phases: Setup and Key Agreement.
View Source
Key Agreement Phase. 3.2.1 Negotiatory Keys (NKs) f A ( x) . But in this paper, we make use of negotiatory keys so as to enhance security. The generation of negotiatory keys is as follows. For example, let ▇▇▇▇▇ has the key set A = {a1 (= a11 || a12 ), a 2 ( = a 21 || a 22 ), ..., am (= am1 || am 2 )} , ▇▇▇ has the key set B = {b1 (= b11 || b12 ), b2 ( = b21 || b22 ), ..., bm (= bm1 || bm 2 )} , and h() generates the value of limited length. Also, ri and r ' are random numbers where r ≠ r and i i−1 i r ' ≠ r ' for 1 ≤ i ≤ m . We yield a negotiatory key by concatenating the first half of i−1 i the key and a hash function's value, and in reverse. That is, the half of Alice's negotia- tory keys consists of {s11 (= a11 || h(a11 )), s 21 ( = a 21 || h(a 21 )), ..., sm1 (= am1 || h(am1 ))} . The other half consists of {s12 (h(a12 ) || a12 ), s22 (h(a22 ) || a22 ), ..., sm1 (h(am 2 ) || am 2 )} . Similarly, the first half of Bob’s negotiatory keys consists of the follow- ing. {t11 (= b11 || h(b11 )), t 21 ( = b21 || h(b21 )), ..., tm1 (= bm1 || h(bm1 ))} . Also, the second half consists of {t12 (= h(b12 ) || b12 ), t22 (= h(b22 ) || b22 ), ..., tm 2 (= h(bm 2 ) || bm 2 )} .
View Source
Key Agreement Phase. In this phase, entities A and B that have private/public key pairs, ( X A = DA , xA , YA = ▇▇▇ , PA ) and ( X B = DB , xB , YB = IDB , PB ) respectively, execute protocol 1. Description of the protocol is as follows: • Entity A, as initiator of the protocol, chooses two random numbers, rA1, rA2 ∈R Ζ* , and computes TA1 = rA1P and TA2 = rA2 P such that k A1, k A2 ≠ 0 modn , where k A1 and k A2 are x-coordinates of points TA1 and TA2 respectively. Then A signs points TA1 and TA2 as follows: SA = (k A1 ⋅ k A2 )(xAk AQA + DA )+ (k A1rA1 + k A2rA2 )QA Where k A is x-coordinate of public key PA . At the end of the step, A sends quantities (TA1,TA2 , SA ,YA = ▇▇▇ , PA ) to B. kB1, kB2 ≠ 0 modn . Then he computes rB1, rB2 ∈R Ζ* and computes TB1 = rB1P and TB2 = rB2 P where, SB = (kB1 ⋅ kB2 )(xBkBQB + DB )+ (kB1rB1 + kB2rB2 )QB Where k B is x-coordinate of public key
View Source

Related to Key Agreement Phase

  • Agreement Overview This SLA operates in conjunction with, and does not supersede or replace any part of, the Agreement. It outlines the information technology service levels that we will provide to you to ensure the availability of the application services that you have requested us to provide. All other support services are documented in the Support Call Process.

  • Development Agreement As soon as reasonably practicable following the ISO’s selection of a transmission Short-Term Reliability Process Solution, the ISO shall tender to the Developer that proposed the selected transmission Short-Term Reliability Process Solution a draft Development Agreement, with draft appendices completed by the ISO to the extent practicable, for review and completion by the Developer. The draft Development Agreement shall be in the form of the ISO’s Commission-approved Development Agreement for its Reliability Planning Process, which is in Appendix C in Section 31.7 of Attachment Y of the ISO OATT, as amended by the ISO to reflect the Short-Term Reliability Process. The ISO and the Developer shall finalize the Development Agreement and appendices as soon as reasonably practicable after the ISO’s tendering of the draft Development Agreement. For purposes of finalizing the Development Agreement, the ISO and Developer shall develop the description and dates for the milestones necessary to develop and construct the selected project by the required in-service date identified in the STAR or Generator Deactivation Assessment, including the milestones for obtaining all necessary authorizations. Any milestone that requires action by a Connecting Transmission Owner or Affected System Operator identified pursuant to Attachment P of the ISO OATT to complete must be included as an Advisory Milestone, as that term is defined in the Development Agreement. If the ISO or the Developer determines that negotiations are at an impasse, the ISO may file the Development Agreement in unexecuted form with the Commission on its own, or following the Developer’s request in writing that the agreement be filed unexecuted. If the Development Agreement is executed by both parties, the ISO shall file the agreement with the Commission for its acceptance within ten (10) Business Days after the execution of the Development Agreement by both parties. If the Developer requests that the Development Agreement be filed unexecuted, the ISO shall file the agreement at the Commission within ten (10) Business Days of receipt of the request from the Developer. The ISO will draft, to the extent practicable, the portions of the Development Agreement and appendices that are in dispute and will provide an explanation to the Commission of any matters as to which the parties disagree. The Developer will provide in a separate filing any comments that it has on the unexecuted agreement, including any alternative positions it may have with respect to the disputed provisions. Upon the ISO’s and the Developer’s execution of the Development Agreement or the ISO’s filing of an unexecuted Development Agreement with the Commission, the ISO and the Developer shall perform their respective obligations in accordance with the terms of the Development Agreement that are not in dispute, subject to modification by the Commission. The Connecting Transmission Owner(s) and Affected System Operator(s) that are identified in Attachment P of the ISO OATT in connection with the selected transmission Short-Term Reliability Process Solution shall act in good faith in timely performing their obligations that are required for the Developer to satisfy its obligations under the Development Agreement.

  • COMMENCEMENT OF WORK UNDER A SOW AGREEMENT Commencement of work as a result of the SOW-RFP process shall be initiated only upon issuance of a fully executed SOW Agreement and Purchase Order.

  • Agreement ▇▇▇ ▇▇▇▇ The Company shall not produce iron ore under this Agreement for transportation in any calendar year in excess of the approved production limit nor shall the total number of the mine workforce exceed the approved mine workforce without the prior consent in principle of the Minister and, subject to that consent, approval of detailed proposals in regard thereto in accordance with this Clause.

  • Collaboration Agreement The Collaboration Agreement shall not have been terminated in accordance with its terms and shall be in full force and effect.