Abstract: The certificateless-based authenticated key agreement protocols have the advantages of simplicity of managing identities compared to the PKI-based schemes，as well as avoiding the key escrow issues inherited in the identity-based schemes.This paper proposes a two-party certificateless-based authenticated key agreement scheme based on a provably secure certificateless-based public key encryption scheme.The comparisons with other comparable schemes in security and efficiency show that，the new scheme achieves more of the desired security attributes，such as perfect forward secrecy，PKG forward secrecy，known session-specific temporary information secrecy and key escrowless.Meanwhile it keeps the nice computational efficiency.

摘要： 基于无证书的认证密钥协商方案相比基于PKI的方案具有身份管理的简单性，同时相比基于身份的方案具有无密钥托管性。基于可证安全的无证书加密方案提出了一个两方认证密钥协商方案.通过与其他方案在安全性和有效性方面的比较，该方案满足更多的安全属性要求，如完美前向安全性，PKG前向安全性，已知会话相关临时秘密信息安全性和无密钥托管等安全特性，同时具有良好的计算有效性。