• Title/Summary/Keyword: eCK security model

Search Result 2, Processing Time 0.029 seconds

An eCK-secure Authenticated Key Exchange Protocol without Random Oracles

  • Moriyama, Daisuke;Okamoto, Tatsuaki
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.3
    • /
    • pp.607-625
    • /
    • 2011
  • Two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocol, which we call the extended Canetti-Krawczyk (eCK) security model, and some researchers have provided eCK-secure AKE protocols in recent years. However, almost all protocols are provably secure in the random oracle model or rely on a special implementation technique so-called the NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and does not rely on implementation techniques such as the NAXOS trick.

One-round Secure Key Exchange Protocol With Strong Forward Secrecy

  • Li, Xiaowei;Yang, Dengqi;Chen, Benhui;Zhang, Yuqing
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.11
    • /
    • pp.5639-5653
    • /
    • 2016
  • Security models for key exchange protocols have been researched for years, however, lots of them only focus on what secret can be compromised but they do not differentiate the timing of secrets compromise, such as the extended Canetti-Krawczyk (eCK) model. In this paper, we propose a new security model for key exchange protocols which can not only consider what keys can be compromised as well as when they are compromised. The proposed security model is important to the security proof of the key exchange protocols with forward secrecy (either weak forward secrecy (wFS) or strong forward secrecy (sFS)). In addition, a new kind of key compromise impersonation (KCI) attacks which is called strong key compromise impersonation (sKCI) attack is proposed. Finally, we provide a new one-round key exchange protocol called mOT+ based on mOT protocol. The security of the mOT+ is given in the new model. It can provide the properties of sKCI-resilience and sFS and it is secure even if the ephemeral key reveal query is considered.