Cryptology ePrint Archive: Report 2009/515

Blake-Wilson, Johnson and Menezes Protocol Revisited

Hai Huang and Zhenfu Cao

Abstract: In this paper, we investigate the famous Blake-Wilson, Johnson \& Menezes (BJM) authenticated key exchange protocols. We observe that the Corrupt query in the BJM model is not very reasonable, i.e. it fails to model the adversary's capability well. We modify the BJM model by providing it with a new Corrupt query. By this way, we bring the BJM model further to the practice. Besides, our modification has a significant impact on the security proofs of the BJM protocols. Specifically, the security proofs using CDH assumption will no longer work in the modified BJM model.With slight modification, we show that the BJM protocols are secure in the modified BJM model under the gap Diffie-Hellman assumption (GDH).

Category / Keywords: Authenticated key exchange, Provably secure, BJM protocol, Gap Diffie-Hellman Assumption

Publication Info: submitted to some journal

Date: received 22 Oct 2009, last revised 22 Oct 2009

Contact author: chinesechess at sjtu edu cn

Available formats: PDF | BibTeX Citation

Version: 20091026:110214 (All versions of this report)

Discussion forum: Show discussion | Start new discussion