Secret Sharing-based Authenticated Key Agreement Protocol

In this article, we present two novel authenticated key agreement (AKA) schemes that are easily implementable and efficient even on constrained devices. Both schemes are constructed over elliptic curves and extend Schonorr's signature of knowledge protocol. To the best of our knowledge, we introduce a first AKA protocol based on the proof of knowledge concept. This concept allows a client to prove its identity to a server via secret information while the server can learn nothing about the secret. Furthermore, we extend our protocol via secret sharing to support client multi-device authentication and multi-factor authentication features. In particular, the secret of the client can be distributed among the client's devices. The experimental analysis shows that our secret sharing AKA (SSAKA) can establish a secure communication channel in less than 600 ms for one secondary device and 128-bit security strength. The protocol is fast even on very constrained secondary devices, where in most of cases takes less than 500 ms. Note that the time consumption depends on the computational capabilities of the hardware.