Tightly-Secure Authenticated Key Exchange
نویسندگان
چکیده
We construct the first Authenticated Key Exchange (AKE) protocol whose security does not degrade with an increasing number of users or sessions. We describe a three-message protocol and prove security in an enhanced version of the classical Bellare-Rogaway security model. Our construction is modular, and can be instantiated efficiently from standard assumptions (such as the SXDH or DLIN assumptions in pairing-friendly groups). For instance, we provide an SXDH-based protocol whose communication complexity is only 14 group elements and 4 exponents (plus some bookkeeping information). Along the way we develop new, stronger security definitions for digital signatures and key encapsulation mechanisms. For instance, we introduce a security model for digital signatures that provides existential unforgeability under chosen-message attacks in a multi-user setting with adaptive corruptions of secret keys. We show how to construct efficient schemes that satisfy the new definitions with tight security proofs under standard assumptions.
منابع مشابه
Tightly-Secure Authenticated Key Exchange without NAXOS' approach based on Decision Linear Problem
Design secure Authenticated Key Exchange (AKE) protocol without NAXOS approach is remaining as an open problem. NAXOS approach [4] is used to hide the secret ephemeral key from an adversary even if the adversary in somehow may obtain the ephemeral secret key. Using NAXOS approach will cause two main drawbacks, (i) leaking of the static secret key which will be used in computing the exponent of ...
متن کاملA secure anonymous routing protocol with authenticated key exchange for ad hoc networks
Anonymity and authenticated key exchange should be paid much more attention in secure mobile ad hoc routing protocols, especially in privacy-vital environment. However, as far as we know, few papers on secure routing protocols have addressed both the anonymity and authenticated key exchange. Therefore, in this paper, we present a new secure anonymous routing protocol with authenticated key exch...
متن کاملAuthenticated key exchange protocol with enhanced freshness properties
In this paper, we investigate the security model for authenticated key exchange protocols. We observe that there is further room to extend the latest enhanced Canetti-Krawczyk (eCK) model. We further enhance the freshness definition for the threepass authenticated key exchange protocols such that our new definition gives the adversary more capabilities. We point out that the three-pass authenti...
متن کاملMulti-factor Authenticated Key Exchange
In order to increase the security for authenticated key exchange protocols, various authentication means can be used together. In this paper, we introduce a security model for multi-factor authenticated key exchange, which combines a password, a secure device, and biometric authentications. We thereafter present a scheme, that can be proven secure, in the random-oracle model.
متن کاملAuthenticated Session Keys and Their Server-aided Computation
Key exchange is one of the elementary prerequisites for secure communications. This paper rst discusses some desirable properties of key exchange protocols, and then presents a set of protocols for Diie-Hellman based authenticated key exchange. This paper then considers a server-aided approach to fast computation of shared secrets, which may be useful for smart card implementation of key exchange.
متن کاملAn eCK-Secure One Round Authenticated Key Exchange Protocol with Perfect Forward Security
This paper investigates the two-pass (one round) authenticated key exchange protocol in the enhanced Canetti-Krawczyk (eCK) model with perfect forward security against active adversary. Currently, there exist no authenticated key exchange protocols which are provably secure in the eCK model and meanwhile achieve perfect forward security against active adversary in one round. We propose a new tw...
متن کامل