Cryptology ePrint Archive: Report 2006/386

The Wrestlers Protocol: A simple, practical, secure, deniable protocol for key-exchange

Mark Wooding

Abstract: We describe and prove (in the random-oracle model) the security of a simple but efficient zero-knowledge identification scheme, whose security is based on the computational Diffie-Hellman problem. Unlike other recent proposals for efficient identification protocols, we don't need any additional assumptions, such as the Knowledge of Exponent assumption.

From this beginning, we build a simple key-exchange protocol, and prove that it achieves `SK-security' -- and hence security in Canetti's Universal Composability framework.

Finally, we show how to turn the simple key-exchange protocol into a slightly more complex one which provides a number of valuable `real-life' properties, without damaging its security.

Category / Keywords: cryptographic protocols / public-key cryptography, key agreement, key exchange, deniability, zero knowledge

Date: received 2 Nov 2006

Contact author: mdw at distorted org uk

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20061103:164056 (All versions of this report)

Discussion forum: Show discussion | Start new discussion