Paper 2009/515

Blake-Wilson, Johnson and Menezes Protocol Revisited

Hai Huang and Zhenfu Cao

Abstract

In this paper, we investigate the famous Blake-Wilson, Johnson \& Menezes (BJM) authenticated key exchange protocols. We observe that the Corrupt query in the BJM model is not very reasonable, i.e. it fails to model the adversary's capability well. We modify the BJM model by providing it with a new Corrupt query. By this way, we bring the BJM model further to the practice. Besides, our modification has a significant impact on the security proofs of the BJM protocols. Specifically, the security proofs using CDH assumption will no longer work in the modified BJM model.With slight modification, we show that the BJM protocols are secure in the modified BJM model under the gap Diffie-Hellman assumption (GDH).

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. submitted to some journal
Keywords
Authenticated key exchangeProvably secureBJM protocolGap Diffie-Hellman Assumption
Contact author(s)
chinesechess @ sjtu edu cn
History
2009-10-26: received
Short URL
https://ia.cr/2009/515
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2009/515,
      author = {Hai Huang and Zhenfu Cao},
      title = {Blake-Wilson, Johnson and Menezes Protocol Revisited},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/515},
      year = {2009},
      url = {https://eprint.iacr.org/2009/515}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.