KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

An eCK-secure Authenticated Key Exchange Protocol without Random Oracles

  • Received : 2010.09.15
  • Accepted : 2011.02.22
  • Published : 2011.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

Two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocol, which we call the extended Canetti-Krawczyk (eCK) security model, and some researchers have provided eCK-secure AKE protocols in recent years. However, almost all protocols are provably secure in the random oracle model or rely on a special implementation technique so-called the NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and does not rely on implementation techniques such as the NAXOS trick.

Keywords

References

  1. Mihir Bellare and Phillip Rogaway, "Entity authentication and key distribution," in Proc. of Advances in Cryptology - CRYPTO, pp.232-249, 1993.
  2. Ran Canetti and Hugo Krawczyk, "Analysis of key-exchange protocols and their use for building secure channels," in Proc. of Advances in Cryptology - EUROCRYPTO, pp.453-474, 2001.
  3. Mihir Bellare, David. Pointcheval and Phillip Rogaway, "Authenticated key exchange secure against dictionary attacks, " in Proc. of Advances in Cryptology - EUROCRYPTO, pp.139-155, 2000.
  4. Brian LaMacchia, Kristin Lauter and Anton. Mityagin, "Stronger security of authenticated key exchange," in Proc. of 1st Int. Conference on Provable Security, pp.1-16, 2007.
  5. Berkant Ustaoglu, "Obtaining a secure and efficient key agreement protocol from HMQV and NAXOS," in Designs, Codes and Cryptography, vol. 46, no. 3, pp. 329-342, 2008. https://doi.org/10.1007/s10623-007-9159-1
  6. Tatsuaki Okamoto, "Authenticated key exchange and key encapsulation without random oracles," in Cryptology ePrint Archive, Report 2007/473, 2007.
  7. Jooyoung Lee and Je Hong Park, "Authenticated key exchange secure under the computational Diffie-Hellman assumption," in Cryptology ePrint Archive, Report 2008/344, 2008.
  8. Jooyoung Lee and Choon Sik Park, "An efficient authenticated key exchange protocol with a tight security reduction," in Cryptology ePrint Archive, Report 2008/345, 2008.
  9. Jiang Wu and Berkant Ustaoglu, "Efficient key exchange with tight security reduction," in Cryptology ePrint Archive, Report 2009/288, 2009.
  10. Berkant Ustaoglu, "Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman protocols," in Proc. of 3rd Int. Conference on Provable Security, pp. 183-197, Springer, Heidelberg, 2009.
  11. Minkyu Kim, Atsushi Fujioka and Berkant Ustaoglu, "Strongly secure authenticated key exchange without NAXOS approach," in Proc. of International Workshop on Security, pp. 174-191, 2009.
  12. Augustin P. Sarr, Philippe Elbaz-Vincent and Jean-Claude Bajard, "A secure and efficient authenticated Diffie-Hellman protocol," in Proc. of EUROPKI 2009, pp. 83-998, 2009.
  13. Daisuke Moriyama and Tatsuaki Okamoto, "An eCK-secure authenticated key exchange protocol without random oracles," in Proc. of 3rd Int. Conference on Provable Security, pp.154-167, 2009.
  14. Hugo Krawczyk, "HMQV: A high-performance secure Diffie-Hellman protocol," in Proc. of Advances in Cryptology - CRYPTO, pp. 546-566, 2005.
  15. Ran Canetti, Oded Goldreich and Shai Halevi, "The random oracle model revisited," in Proc. of the 13th Annual ACM Symposium on the Theory of Computing, pp. 209-218, 1998.

Cited by

  1. Characterization of Strongly Secure Authenticated Key Exchanges without NAXOS Technique vol.ea96, pp.6, 2013, https://doi.org/10.1587/transfun.e96.a.1088