Paper 2015/110

sHMQV: An Efficient Key Exchange Protocol for Power-limited Devices

Shijun Zhao and Qianying Zhang

Abstract

In this paper we focus on designing authenticated key exchange protocols for practical scenarios where the party consists of a powerful but untrusted host (e.g., PC, mobile phone, etc) and a power-limited but trusted device (e.g., Trusted Platform Module, Mobile Trusted Module, Smart Card, etc). HMQV and (s,r)OAKE protocols are the state-of-the-art in the integrity of security and efficiency. However, we find that they are not suitable for the above scenarios as all (or part) of the online exponentiation computations must be performed in the power-limited trusted devices, which makes them inefficient for the deployment in practice. To overcome the above inefficiency, we propose a variant of HMQV protocol, denoted sHMQV, under some new design rationales which bring the following advantages: 1) eliminating the validation of the ephemeral public keys, which costs one exponentiation; 2) the power-limited trusted device only performs one exponentiation, which can be pre-computed offline; 3) all the online exponentiation computations can be performed in the powerful host. The above advantages make sHMQV enjoy better performance than HMQV and (s,r)OAKE, especially when deployed in the scenarios considered in this paper. We finally formally prove the security of sHMQV in the CK model.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. ISPEC'15
Keywords
Authenticated Key ExchangeCK modelSecurity AnalysisPower-limited Devices
Contact author(s)
zqyzsj @ gmail com
History
2015-02-24: received
Short URL
https://ia.cr/2015/110
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/110,
      author = {Shijun Zhao and Qianying Zhang},
      title = {{sHMQV}: An Efficient Key Exchange Protocol for Power-limited Devices},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/110},
      year = {2015},
      url = {https://eprint.iacr.org/2015/110}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.