On reusing ephemeral keys in Diffie-Hellman key agreement protocols
نویسندگان
چکیده
A party may choose to reuse ephemeral public keys in a Diffie-Hellman key agreement protocol in order to reduce its computational workload or to mitigate against denial-of-service attacks. In this note we highlight the danger of reusing ephemeral keys if domain parameters are not appropriately selected or if public keys are not appropriately validated.
منابع مشابه
On the Importance of Public-Key Validation in the MQV and HMQV Key Agreement Protocols
HMQV is a hashed variant of the MQV key agreement protocol proposed by Krawczyk at CRYPTO 2005. In this paper, we present some attacks on HMQV and MQV that are successful if public keys are not properly validated. In particular, we present an attack on the twopass HMQV protocol that does not require knowledge of the victim’s ephemeral private keys. The attacks illustrate the importance of perfo...
متن کاملDiffie-Hellman type key exchange protocols based on isogenies
In this paper, we propose some Diffie-Hellman type key exchange protocols using isogenies of elliptic curves. The first method which uses the endomorphism ring of an ordinary elliptic curve $ E $, is a straightforward generalization of elliptic curve Diffie-Hellman key exchange. The method uses commutativity of the endomorphism ring $ End(E) $. Then using dual isogenies, we propose...
متن کاملSufficient Condition for Ephemeral Key-Leakage Resilient Tripartite Key Exchange
Tripartite (Diffie-Hellman) Key Exchange (3KE), introduced by Joux (ANTS-IV 2000), represents today the only known class of group key exchange protocols, in which computation of unauthenticated session keys requires one round and proceeds with minimal computation and communication overhead. The first one-round authenticated 3KE version that preserved the unique efficiency properties of the orig...
متن کاملOn the Relations Between Diffie-Hellman and ID-Based Key Agreement from Pairings
This paper studies the relationships between the traditional Diffie-Hellman key agreement protocol and the identity-based (ID-based) key agreement protocol from pairings. For the Sakai-Ohgishi-Kasahara (SOK) ID-based key construction, we show that identical to the Diffie-Hellman protocol, the SOK key agreement protocol also has three variants, namely ephemeral, semi-static and static versions. ...
متن کاملEfficient group Diffie-Hellman key agreement protocols
In a group Diffie–Hellman (GDH) key agreement protocol, all group members collaboratively establish a group key. Most GDH key agreement protocols took natural generalization of the original Diffie–Hellman (DH) key agreement protocol to arrange all group members in a logic ring or a binary tree and to exchange DH public keys. The computational cost and the communication rounds are the two most i...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IJACT
دوره 2 شماره
صفحات -
تاریخ انتشار 2010