Paper 2007/188
A Proof of Revised Yahalom Protocol in the Bellare and Rogaway (1993) Model
Kim-Kwang Raymond Choo
Abstract
Although the Yahalom protocol, proposed by Burrows, Abadi, and Needham in 1990, is one of the most prominent key establishment protocols analyzed by researchers from the computer security community (using automated proof tools), a simplified version of the protocol is only recently proven secure by Backes and Pfitzmann (2006) in their \textit{cryptographic library} framework. We present a protocol for key establishment that is closely based on the Yahalom protocol. We then present a security proof in the Bellare and Rogaway (1993) model and the random oracle model. We also observe that no partnering mechanism is specified within the Yahalom protocol. We then present a brief discussion on the role and the possible construct of session identifiers as a form of partnering mechanism, which allows the right session key to be identified in concurrent protocol executions. We then recommend that session identifiers should be included within protocol specification rather than consider session identifiers as artefacts in protocol proof.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. This is the pre-print version of an article that has been accepted for publication in The Computer Journal, published by Oxford University Press [on behalf of The British Computer Society]. All rights reserved.
- Contact author(s)
- raymond choo au @ gmail com
- History
- 2007-05-22: received
- Short URL
- https://ia.cr/2007/188
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2007/188,
author = {Kim-Kwang Raymond Choo},
title = {A Proof of Revised Yahalom Protocol in the Bellare and Rogaway (1993) Model},
howpublished = {Cryptology {ePrint} Archive, Paper 2007/188},
year = {2007},
url = {https://eprint.iacr.org/2007/188}
}
