While formally the models are not comparable, we show that recent analysis utilizing \SessionStateReveal{} and \RevealEphemeralKey{} have a similar approach to ephemeral data leakage. First we pinpoint the features that determine the approach. Then by examining common motives for ephemeral data leakage we conclude that the approach is meaningful, but does not take into account timing, which turns out to be critical for security. Lastly, for Diffie-Hellman protocols we argue that it is important to consider security when discrete logarithm values of the outgoing ephemeral public keys are leaked and offer a method to achieve security even if the values are exposed.
Category / Keywords: foundations / Key agreement, leakage of ephemeral secrets Publication Info: A short version has been accepted to ProvSec 2009 Date: received 17 Jul 2009, last revised 20 Jul 2009 Contact author: bustaoglu at cryptolounge net Available format(s): PDF | BibTeX Citation Note: This is an extended version that includes security arguments and more elaborate comparison. Version: 20090721:203215 (All versions of this report) Short URL: ia.cr/2009/353