We give a modular and universally composable analytical framework for PKI-based message authentication and key exchange protocols. This framework guarantees security even when the PKI is pre-existing and globally available, without being unnecessarily restrictive. Specifically, we model PKI as a global set-up functionality within the Global UC security model [Canetti et al., TCC 2007] and relax the ideal authentication and key exchange functionalities accordingly. We then demonstrate the security of basic signature-based authentication and key exchange protocols. Our modeling makes minimal security assumptions on the PKI in use; in particular, "knowledge of the secret key" is not needed.
Category / Keywords: public-key infrastructure, message authentication, digital signatures, key exchange, deniability, non-transferability, universal composability
Original Publication (with minor differences): Submitted to TCC 2015.
Date: received 4 Jun 2014, last revised 9 Oct 2014
Contact author: margarita vald at cs tau ac il
Note: Added key exchange section.
Version: 20141009:080237
Short URL: ia.cr/2014/432