LR-CAKA: A leakage-resilient compatible authenticated key agreement protocol for heterogeneous public-key cryptosystems
Authors: Ting-Chieh Ho, Yuh-Min Tseng, Sen-Shan Huang
Journal of Information Security and Applications, volume 94, Article 104222, published 2025-09-09
DOI: 10.1016/j.jisa.2025.104222
https://www.sciencedirect.com/science/article/pii/S2214212625002595
Authenticated key agreement (AKA) is a fundamental cryptographic primitive that enables two remote members in a public-key cryptosystem (PKCS) to mutually authenticate and generate a session key, which is then used to encrypt and decrypt messages between them. In the past, numerous AKA protocols based on various PKCSs have been designed. In response to the growing threat of side-channel attacks, researchers have proposed some leakage-resilient AKA (LR-AKA) protocols that maintain security even when partial private key information is exposed. However, existing LR-AKA protocols are generally designed for homogeneous environments, where both members operate within the same PKCS. To address this limitation, we propose the first leakage-resilient compatible AKA (LR-CAKA) protocol for heterogeneous PKCSs. The LR-CAKA protocol enables secure and efficient authenticated key agreement between two members operating under different PKCSs, specifically between a member in the public-key infrastructure PKCS (PKI-PKCS) and the other in the certificateless PKCS (CL-PKCS). Also, we introduce a PKCS upgrade procedure from the PKI-PKCS to the CL-PKCS. The security of the LR-CAKA protocol is formally proven using a technique based on the generic bilinear group (GBG) model, under the discrete logarithm (DL), computational Diffie–Hellman (CDH) and hash function (HF) assumptions. Finally, performance evaluations and comparative analysis demonstrate that the LR-CAKA protocol offers significant advantages over existing LR-AKA protocols.
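The following Python example is added here by the editor and is not code from the paper or its authors. It illustrates the heterogeneous setting the abstract describes: one party ("alice") is a PKI member whose public key is vouched for by a CA certificate, the other ("bob") is a certificateless member whose public key is assembled from a KGC partial private key and his own secret, so the peer can derive and check it from public data without any certificate. The two run plain signed Diffie-Hellman with Schnorr signatures over a toy 60-bit Schnorr group. This is not the LR-CAKA protocol: it uses no pairings, has no leakage resilience, and the group size, the hash-to-scalar encoding, the partial-key binding d = r + s*H(ID, R, X) and all names are the editor's assumptions.

```python
# Editor's toy heterogeneous AKA: PKI Alice (CA-certified key) and certificateless
# Bob (KGC partial key + own secret) run signed Diffie-Hellman with Schnorr
# signatures over a 60-bit Schnorr group.  Not the paper's protocol; no leakage resilience.
import hashlib
import random

def is_prime(n):
    """Miller-Rabin with fixed bases, deterministic for n < 2**64."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(seed):
    """Safe prime p = 2q + 1 and g = 4, a square, hence of prime order q (toy size)."""
    rng = random.Random(seed)
    while True:
        q = rng.getrandbits(60) | (1 << 59) | 1
        if is_prime(q) and is_prime(2 * q + 1):
            return 2 * q + 1, q, 4

def H(q, *parts):  # hash-to-scalar over repr() of the tuple (assumed encoding)
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % q

def sign(grp, x, msg, rng):  # Schnorr; the signer's public key is bound into the challenge
    p, q, g = grp
    k = rng.randrange(1, q)
    R = pow(g, k, p)
    return R, (k + H(q, R, pow(g, x, p), msg) * x) % q

def verify(grp, X, msg, sig):
    p, q, g = grp
    R, s = sig
    return pow(g, s, p) == R * pow(X, H(q, R, X, msg), p) % p

def kgc_extract(grp, s, ident, X, rng):
    """KGC partial private key (R, d) with d = r + s*H(ident, R, X), so g^d = R * pub^H."""
    p, q, g = grp
    r = rng.randrange(1, q)
    R = pow(g, r, p)
    return R, (r + s * H(q, ident, R, X)) % q

def cl_public_key(grp, kgc_pub, ident, R, X):
    """Bob's full public key g^(d + x), recomputed from public data alone; no certificate."""
    p, q, g = grp
    return R * pow(kgc_pub, H(q, ident, R, X), p) * X % p

def session_key(p, peer_eph, own_exp, transcript):
    return hashlib.sha256(repr((pow(peer_eph, own_exp, p), transcript)).encode()).hexdigest()

def run_handshake(seed=7, tamper=False):
    """Three-message signed DH; returns (k_alice, k_bob), or None if a check fails."""
    grp = make_group(seed)
    p, q, g = grp
    rng = random.Random(seed + 1)
    ca_sk, kgc_s = rng.randrange(1, q), rng.randrange(1, q)   # CA and KGC secrets
    ca_pk, kgc_pub = pow(g, ca_sk, p), pow(g, kgc_s, p)       # their public keys
    x_a = rng.randrange(1, q)                                 # Alice: PKI key pair
    X_a = pow(g, x_a, p)
    cert_a = ("alice", X_a, sign(grp, ca_sk, ("cert", "alice", X_a), rng))
    x_b = rng.randrange(1, q)                                 # Bob: own secret first,
    X_b = pow(g, x_b, p)                                      # then the KGC partial key
    R_b, d_b = kgc_extract(grp, kgc_s, "bob", X_b, rng)
    sk_b = (d_b + x_b) % q
    a, b = rng.randrange(1, q), rng.randrange(1, q)           # ephemeral exponents
    A, B = pow(g, a, p), pow(g, b, p)
    cert, A_recv = cert_a, A                                  # msg1 Alice -> Bob
    if not verify(grp, ca_pk, ("cert", cert[0], cert[1]), cert[2]):
        return None                                           # Bob rejects a bad cert
    sig_b = sign(grp, sk_b, ("alice", "bob", A_recv, B), rng)
    msg2 = ("bob", R_b, X_b, B, sig_b)                        # msg2 Bob -> Alice
    if tamper:                                                # MITM swaps in its own B
        msg2 = ("bob", R_b, X_b, pow(g, rng.randrange(1, q), p), sig_b)
    ident, R, X, B_recv, sig = msg2
    pk_b = cl_public_key(grp, kgc_pub, ident, R, X)           # Alice derives Bob's key
    if not verify(grp, pk_b, ("alice", "bob", A, B_recv), sig):
        return None
    sig_a = sign(grp, x_a, ("alice", "bob", A, B_recv), rng)  # msg3 Alice -> Bob
    if not verify(grp, cert[1], ("alice", "bob", A_recv, B), sig_a):
        return None
    return (session_key(p, B_recv, a, ("alice", "bob", A, B_recv)),
            session_key(p, A_recv, b, ("alice", "bob", A_recv, B)))
```

`run_handshake()` returns two equal session keys; `run_handshake(tamper=True)` returns None because Bob's signature no longer covers the ephemeral value Alice received. The asymmetry is the point: Bob validates Alice through the CA's public key and her certificate, while Alice validates Bob using only the KGC public key and Bob's (ID, R, X), which is what lets a certificateless member talk to a PKI member without the KGC holding Bob's full private key. Both identities and both ephemeral values are inside every signed transcript to rule out identity-misbinding attacks. A side channel that leaks part of x_a or sk_b here lets an attacker impersonate that party outright; resisting exactly that kind of partial exposure is what the leakage-resilient protocols discussed in the abstract add, and this toy does not attempt it. A real deployment would also use a standard-sized group, certificate validity and revocation checks, and a proper KDF.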
Journal description:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.