Paper 2012/211

Strongly Secure Authenticated Key Exchange from Factoring, Codes, and Lattices

Atsushi Fujioka, Koutarou Suzuki, Keita Xagawa, and Kazuki Yoneyama

Abstract

An unresolved problem in research on authenticated key exchange (AKE) is to construct a secure protocol against advanced attacks such as key compromise impersonation and maximal exposure attacks without relying on random oracles. HMQV, a state of the art AKE protocol, achieves both efficiency and the strong security proposed by Krawczyk (we call it the CK+ model), which includes resistance to advanced attacks. However, the security proof is given under the random oracle model. We propose a generic construction of AKE from a key encapsulation mechanism (KEM). The construction is based on a chosen-ciphertext secure KEM, and the resultant AKE protocol is CK+ secure in the standard model. The construction gives the first CK+ secure AKE protocols based on the hardness of integer factorization problem, code-based problems, or learning problems with errors. In addition, instantiations under the Diffie-Hellman assumption or its variant can be proved to have strong security without non-standard assumptions such as $\pi$PRF and KEA1. Furthermore, we extend the CK+ model to identity-based (called the id-CK+ model), and propose a generic construction of identity-based AKE (ID-AKE) based on identity-based KEM, which satisfies id-CK+ security. The construction leads first strongly secure ID-AKE protocols under the hardness of integer factorization problem, or learning problems with errors.

Note: A result for the identity-based setting is added.

Metadata
Available format(s)
PDF
Publication info
A major revision of an IACR publication in PKC 2012
Keywords
authenticated key exchangeCK+ modelkey encapsulation mechanismidentity-based authenticated key exchange
Contact author(s)
yoneyama kazuki @ lab ntt co jp
kazuki yoneyama @ gmail com
History
2013-08-19: last of 2 revisions
2012-04-22: received
See all versions
Short URL
https://ia.cr/2012/211
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/211,
      author = {Atsushi Fujioka and Koutarou Suzuki and Keita Xagawa and Kazuki Yoneyama},
      title = {Strongly Secure Authenticated Key Exchange from Factoring, Codes, and Lattices},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/211},
      year = {2012},
      url = {https://eprint.iacr.org/2012/211}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.