One-round Protocols for Two-Party Authenticated Key Exchange

One-Round Two-Party Key Exchange Protocols

  • 정익래 (Information Security Center, Korea University)
  • 이동훈 (Graduate School of Information Security, Korea University)
  • Published : 2006.02.01

Abstract

Cryptographic protocol design in a two-party setting has often ignored the possibility of simultaneous message transmission by each of the two parties (i.e., using a duplex channel). In particular, most protocols for two-party key exchange have been designed assuming that parties alternate sending their messages (i.e., assuming a bidirectional half-duplex channel). However, by taking advantage of the communication characteristics of the network it may be possible to design protocols with improved latency. This is the focus of the present work. We present three provably-secure protocols for two-party authenticated key exchange (AKE) which require only a single round. Our first, most efficient protocol provides key independence but not forward secrecy. Our second scheme additionally provides forward secrecy but requires some additional computation. Security of these two protocols is analyzed in the random oracle model. Our final protocol provides the same strong security guarantees as our second protocol, but is proven secure in the standard model. This scheme is only slightly less efficient (from a computational perspective) than the previous ones. Our work provides the first provably-secure one-round protocols for two-party AKE which achieve forward secrecy.

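One consideration that is often overlooked in the design of two-party cryptographic protocols is simultaneous message transmission: two parties communicating over a duplex channel can send messages at the same time. Most two-party key exchange protocols, however, have been designed assuming a half-duplex channel over which the two parties alternate sending messages. In this paper we show that, when a duplex channel is used, simultaneous message transmission makes it possible to design more efficient two-party key exchange protocols. We propose three provably secure one-round two-party key exchange protocols. The first protocol is the most efficient and guarantees session key independence. The second protocol guarantees forward secrecy in addition to session key independence. The third protocol guarantees the same security as the second protocol, but its security is proven in the standard model. The protocols we propose are the first provably secure one-round two-party key exchange protocols that provide forward secrecy.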
