Cryptology ePrint Archive: Report 2005/424

Efficient Mutual Data Authentication Using Manually Authenticated Strings

Sven Laur and N. Asokan and Kaisa Nyberg

Abstract: Solutions for an easy and secure setup of a wireless connection between two devices are urgently needed for WLAN, Wireless USB, Bluetooth and similar standards for short range wireless communication. In this paper we analyse the SAS protocol by Vaudenay and propose a new three round protocol MA-3 for mutual data authentication based on a cryptographic commitment scheme and short manually authenticated out-of-band messages. We show that non-malleability of the commitment scheme is essential for the security of the SAS and the MA-3 schemes and that extractability or equivocability do not imply non-malleability. We also give new proofs of security for the SAS and MA-3 protocols and suggestions how to instantiate the MA-3 protocol in practise.

Category / Keywords: cryptographic protocols / data authentication; manual authentication protocol

Publication Info: A shortened and more updated version will be published at CANS 2006.

Date: received 22 Nov 2005, last revised 18 Sep 2006

Contact author: kaisa nyberg at nokia com

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: The current Eprint version of the aricle is outdated and kept here for historical reasons. The new update "Efficient mutual data authentication using manually authenticated strings: Extended version" is available from until Eprint starts to support multiple versions of the same report. We suggest to cite older version for historical references and CANS paper otherwise.

Version: 20060918:093844 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]