Paper 2005/270
Examining Indistinguishability-Based Proof Models for Key Establishment Protocols
Kim-Kwang Raymond Choo, Colin Boyd, and Yvonne Hitchcock
Abstract
We examine various indistinguishability-based proof models for key establishment protocols, namely the Bellare & Rogaway (1993, 1995), the Bellare, Pointcheval, & Rogaway (2000), and the Canetti & Krawczyk (2001) proof models. We then consider several variants of these proof models, identify several subtle differences between these variants and models, and compare the relative strengths of the notions of security between the models. For each of the pair of relations between the models (either an implication or a non-implication), we provide proofs or counter-examples to support the observed relations. We also reveal a drawback with the original formulation of the Bellare, Pointcheval, & Rogaway (2000) model, whereby the Corrupt query is not allowed. As a case study, we use the Abdalla & Pointcheval (2005) three-party password-based key exchange protocol (3PAKE), which carries a proof of security in the Bellare, Pointcheval, & Rogaway (2000) model. We reveal a previously unpublished flaw in the protocol, and demonstrate that this attack would not be captured in the model due to the omission of the Corrupt query.
Metadata
- Available format(s)
- PDF PS
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. The abridged version of this paper is going to appear in the proceedings of Asiacrypt 2005, LNCS 3788/2005 (pp. 585--604).
- Contact author(s)
- k choo @ qut edu au
- History
- 2005-10-06: last of 4 revisions
- 2005-08-17: received
- See all versions
- Short URL
- https://ia.cr/2005/270
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2005/270, author = {Kim-Kwang Raymond Choo and Colin Boyd and Yvonne Hitchcock}, title = {Examining Indistinguishability-Based Proof Models for Key Establishment Protocols}, howpublished = {Cryptology {ePrint} Archive, Paper 2005/270}, year = {2005}, url = {https://eprint.iacr.org/2005/270} }