Cryptology ePrint Archive: Report 2017/418

Strong Authenticated Key Exchange with Auxiliary Inputs

Rongmao Chen and Yi Mu and Guomin Yang and Willy Susilo and Fuchun Guo

Abstract: Leakage attacks, including various kinds of side-channel attacks, allow an attacker to learn partial information about the internal secrets such as the secret key and the randomness of a cryptographic system. Designing a strong, meaningful, yet achievable security notion to capture practical leakage attacks is one of the primary goals of leakage-resilient cryptography.

In this work, we revisit the modelling and design of authenticated key exchange (AKE) protocols with leakage resilience. We show that the prior works on this topic are inadequate in capturing realistic leakage attacks. To close this research gap, we propose a new security notion named leakage-resilient eCK model w.r.t. auxiliary inputs (AI-LR-eCK) for AKE protocols, which addresses the limitations of the previous models. Our model allows computationally hard-to-invert leakage of both the long-term secret key and the randomness, and also addresses a limitation in the previous models where the adversary is disallowed to make leakage queries during the challenge session. As another major contribution of this work, we present a generic framework for the construction of AKE protocols that are secure under the proposed AI-LR-eCK model. An instantiation based on the Decision Diffie-Hellman (DDH) assumption in the standard model is also given to demonstrate the feasibility of our proposed framework.

Category / Keywords: cryptographic protocols / Authenticated Key Exchange

Original Publication (with minor differences): Designs, Codes and Cryptography
DOI:
10.1007/s10623-016-0295-3

Date: received 15 May 2017

Contact author: rc517 at uowmail edu au

Available format(s): PDF | BibTeX Citation

Note: A previous version of this paper is published in the Designs, Codes and Cryptography (available at http://link.springer.com/article/10.1007/s10623-016-0295-3). This is the full version with a subtle flaw fixed in the security proof.

Version: 20170515:142929 (All versions of this report)

Short URL: ia.cr/2017/418

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]