Paper 2006/073

Stronger Security of Authenticated Key Exchange

Brian LaMacchia, Kristin Lauter, and Anton Mityagin

Abstract

In this paper we study security definitions for authenticated key exchange (AKE) protocols. We observe that there are several families of attacks on AKE protocols that lie outside the boundary of the current class of security definitions. In an attempt to bring these attacks within the scope of analysis we extend the AKE security definition to provide greater powers to the adversary. We provide a general framework for defining AKE security, which we call strong AKE security, such that existing security definitions occur as instances of the framework. We then introduce NAXOS, a new two-pass AKE protocol, and prove that it is secure in this stronger definition. In addition, we formulate a notion of ephemeral secret key which captures all ephemeral information used in session establishment. We demonstrate the importance of this formulation by showing that a secure AKE protocol SIG-DH can become vulnerable when instantiated with signature schemes which are insecure against revelation of the secret random bits used in the signature generation.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
authenticated key exchange, protocols, attacks
Contact author(s)
amityagin @ cs ucsd edu
History
2006-04-01: revised
2006-02-24: received
Short URL
https://ia.cr/2006/073
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/073,
      author = {Brian LaMacchia and Kristin Lauter and Anton Mityagin},
      title = {Stronger Security of Authenticated Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/073},
      year = {2006},
      url = {https://eprint.iacr.org/2006/073}
}