Paper 2006/386

The Wrestlers Protocol: A simple, practical, secure, deniable protocol for key-exchange

Mark Wooding

Abstract

We describe and prove (in the random-oracle model) the security of a simple but efficient zero-knowledge identification scheme, whose security is based on the computational Diffie-Hellman problem. Unlike other recent proposals for efficient identification protocols, we don't need any additional assumptions, such as the Knowledge of Exponent assumption. From this beginning, we build a simple key-exchange protocol, and prove that it achieves `SK-security' -- and hence security in Canetti's Universal Composability framework. Finally, we show how to turn the simple key-exchange protocol into a slightly more complex one which provides a number of valuable `real-life' properties, without damaging its security.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
public-key cryptographykey agreementkey exchangedeniabilityzero knowledge
Contact author(s)
mdw @ distorted org uk
History
2006-11-03: received
Short URL
https://ia.cr/2006/386
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2006/386,
      author = {Mark Wooding},
      title = {The Wrestlers Protocol: A simple, practical, secure, deniable protocol for key-exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/386},
      year = {2006},
      url = {https://eprint.iacr.org/2006/386}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.