
IBAKE: Identity-Based Authenticated Key Exchange (RFC6539)
Disclosure Number: IPCOM000215746D
Original Publication Date: 2012-Mar-01
Included in the Prior Art Database: 2012-Mar-08
Document File: 26 page(s) / 29K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

V. Cakulev: AUTHOR [+2]


Authenticated key agreements are cryptographic protocols where two or more participants authenticate each other and agree on key material used for securing future communication. These protocols could be symmetric-key or asymmetric public-key protocols. Symmetric-key protocols require an out-of-band security mechanism to bootstrap a secret key. On the other hand, public-key protocols traditionally require certificates and a large-scale Public Key Infrastructure (PKI). Clearly, public-key methods are more flexible; however, the requirement for certificates and a large-scale PKI has proved to be challenging. In particular, efficient methods to support large-scale certificate revocation and management have proved to be elusive.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 9% of the total text.

Independent Submission                                        V. Cakulev
Request for Comments: 6539                                   G. Sundaram
Category: Informational                                      I. Broustis
ISSN: 2070-1721                                           Alcatel Lucent
                                                              March 2012

             IBAKE: Identity-Based Authenticated Key Exchange


   Cryptographic protocols based on public-key methods have been traditionally based on certificates and Public Key Infrastructure (PKI) to support certificate management.  The emerging field of Identity-Based Encryption (IBE) protocols allows simplification of infrastructure requirements via a Private-Key Generator (PKG) while providing the same flexibility.  However, one significant limitation of IBE methods is that the PKG can end up being a de facto key escrow server, with undesirable consequences.  Another observed deficiency is a lack of mutual authentication of communicating parties.  This document specifies the Identity-Based Authenticated Key Exchange (IBAKE) protocol.  IBAKE does not suffer from the key escrow problem and in addition provides mutual authentication as well as perfect forward and backward secrecy.

Status of This Memo

   This document is not an Internet Standards Track specification; it is published for informational purposes.

   This is a contribution to the RFC Series, independently of any other RFC stream.  The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment.  Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at

Independent Submissions Editor Note

   This document specifies the Identity-Based Authenticated Key Exchange (IBAKE) protocol.  Due to its specialized nature, this document experienced limited review within the Internet Community.  Readers of this RFC should carefully evaluate its value for implementation and deployment.


Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the document authors.  All rights re...