McCullagh-Barreto key agreement protocol and its variant achieve perfect forward security and key generation center (KGC) forward security, but provide no resistance to key compromise impersonation attack (KCI attack). In this paper, we give a formal treatment of key compromise impersonation (KCI) attack and define the security notion against it. Then an variant of McCullagh-Barreto protocol is presented with only one more Hash operation. The improved protocol preserves perfect forward security and KGC forward security, and furthermore is proved to be secure against KCI attack under k-Gap-BCAA1 assumption. © 2009 The Journal of China Universities of Posts and Telecommunications.
WANG, X. fen, DONG, Q. kuan, ZHOU, Y., & XIAO, G. zhen. (2009). Improvement of McCullagh-Barreto key agreement with KCI-security. Journal of China Universities of Posts and Telecommunications, 16(2). https://doi.org/10.1016/S1005-8885(08)60205-8