Entity Authentication and Authenticated Key Transport Protocols Employing Asymmetric Techniques

This paper investigates security proofs for protocols that employ asymmetric (public-key) techniques to solve two problems: entity authentication and authenticated key transport. A formal model is provided, and a deenition of the goals within this model is supplied. Two protocols are presented and proven secure within this framework, given the existence of certain cryptographic primitives. The practical implementation of these protocols is discussed. We emphasize the relevance of these theoretical results to the security of systems used in practice. In particular, our results imply the security of some protocols standardized by ISO 15, 16] and NIST 20] in the model proposed. This work is heavily innuenced by the work of Bellare and Rogaway 1, 5], who demonstrate proven secure protocols for these problems using symmetric cryptosystems. Our paper is an extension of their work to the public-key setting.