LAUSR

Authenticated key exchange (AKE) scheme is one of the most widely used cryptographic primitives in practice, even in the Internet-of-Things (IoT) environments. In order to resist side-channel attacks, several works have been proposed for defining leakage-resilient (LR) security models and constructing LR-AKE protocols. However, all these LR-AKE schemes employed the traditional X.509 certificate-based public-key infrastructure authentication framework, where the online transmission and verification of the public-key certificate are the major drawbacks. In this paper, we first propose a general framework for constructing identity-based AKE protocols in the bounded after-the-fact LR extended-Canetti–Krawczyk security model, and show a formal proof in the standard model. Our proposed scheme offers a flexible approach to simplify the certificate management. Moreover, our result could be extended to the bounded-retrieval model, yielding the first LR-AKE protocol in this model.