Cryptology ePrint Archive: Report 2003/063

Initiator-Resilient Universally Composable Key Exchange

Dennis Hofheinz and Joern Mueller-Quade and Rainer Steinwandt

Abstract: Key exchange protocols in the setting of universal composability are investigated. First we show that the ideal functionality F_KE of [CK02] cannot be realized in the presence of adaptive adversaries, thereby disproving a claim in [CK02]. We proceed to propose a modification F_KE^(i,j), which is proven to be realizable by two natural protocols for key exchange. Furthermore, sufficient conditions for securely realizing this modified functionality are given. Two notions of key exchange are introduced that allow for security statements even when one party is corrupted. Two natural key exchange protocols are proven to fulfill the "weaker" of these notions, and a construction for deriving protocols that satisfy the "stronger" notion is given.

Category / Keywords: cryptographic protocols / formal cryptography, cryptographic protocols, universal composition, key exchange

Publication Info: Published in Proceedings of ESORICS 2003, Springer LNCS 2808.

Date: received 8 Apr 2003, last revised 25 Nov 2003

Contact author: hofheinz at ira uka de

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: This is the version published in the proceedings of ESORICS 2003, apart from a corrected Remark 4.

Version: 20031125:112024 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]