Cryptology ePrint Archive: Report 2003/063
Initiator-Resilient Universally Composable Key Exchange
Dennis Hofheinz and Joern Mueller-Quade and Rainer Steinwandt
Abstract: Key exchange protocols in the setting of universal composability are investigated. First we show that the ideal functionality F_KE of [CK02] cannot be realized in the presence of adaptive adversaries, thereby disproving a claim in [CK02]. We proceed to propose a modification F_KE^(i,j), which is proven to be realizable by two natural protocols for key exchange. Furthermore, sufficient conditions for securely realizing this modified functionality are given. Two notions of key exchange are introduced that allow for security statements even when one party is corrupted. Two natural key exchange protocols are proven to fulfill the "weaker" of these notions, and a construction for deriving protocols that satisfy the "stronger" notion is given.
Category / Keywords: cryptographic protocols / formal cryptography, cryptographic protocols, universal composition, key exchange
Publication Info: Published in Proceedings of ESORICS 2003, Springer LNCS 2808.
Date: received 8 Apr 2003, last revised 25 Nov 2003
Contact author: hofheinz at ira uka de
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Note: This is the version published in the proceedings of ESORICS 2003, apart from a corrected Remark 4.
Version: 20031125:112024 (All versions of this report)
Short URL: ia.cr/2003/063
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]