Modelling After-the-fact Leakage for Key Exchange (full Version)

نویسندگان

  • Janaka Alawatugoda
  • Douglas Stebila
  • Colin Boyd
چکیده

Security models for two-party authenticated key exchange (AKE) protocols have developed over timeto prove the security of AKE protocols even when the adversary learns certain secret values. In this work,we address more granular leakage: partial leakage of long-term secrets of protocol principals, even after thesession key is established. We introduce a generic key exchange security model, which can be instantiatedallowing bounded or continuous leakage, even when the adversary learns certain ephemeral secrets orsession keys. Our model is the strongest known partial-leakage-based security model for key exchangeprotocols. We propose a generic construction of a two-pass leakage-resilient key exchange protocol thatis secure in the proposed model, by introducing a new concept: the leakage-resilient NAXOS trick. Weidentify a special property for public-key cryptosystems: pair generation indistinguishability, and showhow to obtain the leakage-resilient NAXOS trick from a pair generation indistinguishable leakage-resilientpublic-key cryptosystem.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Continuous After-the-fact Leakage-Resilient Key Exchange (full version)

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to provide security even when the adversary learns certain secret keys. In this work, we advance the modelling of AKE protocols by considering more granular, continuous leakage of long-term secrets of protocol participants: the adversary can adaptively request arbitrary leakage of long-term secrets...

متن کامل

Continuous After-the-Fact Leakage-Resilient Key Exchange

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to provide security even when the adversary learns certain secret keys. In this work, we advance the modelling of AKE protocols by considering more granular, continuous leakage of long-term secrets of protocol participants: the adversary can adaptively request arbitrary leakage of long-term secrets...

متن کامل

Efficient Compilers for After-the-Fact Leakage: From CPA to CCA-2 Secure PKE to AKE

The goal of leakage-resilient cryptography is to construct cryptographic algorithms that are secure even if the adversary obtains side-channel information from the real world implementation of these algorithms. Most of the prior works on leakage-resilient cryptography consider leakage models where the adversary has access to the leakage oracle before the challenge-ciphertext is generated (befor...

متن کامل

Continuous After-the-Fact Leakage-Resilient eCK-Secure Key Exchange

Security models for two-party authenticated key exchange (AKE) protocols have developed overtime to capture the security of AKE protocols even when the adversary learns certain secret values.Increased granularity of security can be modelled by considering partial leakage of secrets in themanner of models for leakage-resilient cryptography, designed to capture side-channel attacks. I...

متن کامل

On the leakage-resilient key exchange

Typically, secure channels are constructed from an authenticated key exchange (AKE) protocol,which authenticates the communicating parties based on long-term public keys and establishes secretsession keys. In this paper we address the partial leakage of long-term secret keys of key exchangeprotocol participants due to various side-channel attacks. Security models for two-party authe...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2014