Paper 2014/481

Universally Composable Non-Interactive Key Exchange

Eduarda S. V. Freire, Julia Hesse, and Dennis Hofheinz

Abstract

We consider the notion of a non-interactive key exchange (NIKE). A NIKE scheme allows a party \(A\) to compute a common shared key with another party \(B\) from \(B\)'s public key and \(A\)'s secret key alone. This computation requires no interaction between \(A\) and \(B\), a feature which distinguishes NIKE from regular (i.e., interactive) key exchange not only quantitatively, but also qualitatively. Our first contribution is a formalization of NIKE protocols as ideal functionalities in the Universal Composability (UC) framework. As we will argue, existing NIKE definitions (all of which are game-based) do not support a modular analysis either of NIKE schemes themselves, or of the use of NIKE schemes. We provide a simple and natural UC-based NIKE definition that allows for a modular analysis both of NIKE schemes and their use in larger protocols. We proceed to investigate the properties of our new definition, and in particular its relation to existing game-based NIKE definitions. We find that (a) game-based NIKE security is equivalent to UC-based NIKE security against \emph{static} corruptions, and (b) UC-NIKE security against adaptive corruptions cannot be achieved without additional assumptions (but \emph{can} be achieved in the random oracle model). Our results suggest that our UC-based NIKE definition is a useful and simple abstraction of non-interactive key exchange.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. MAJOR revision.SCN 2014
Keywords
non-interactive key exchangeuniversal composability
Contact author(s)
julia hesse @ kit edu
History
2014-06-26: revised
2014-06-23: received
See all versions
Short URL
https://ia.cr/2014/481
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/481,
      author = {Eduarda S. V.  Freire and Julia Hesse and Dennis Hofheinz},
      title = {Universally Composable Non-Interactive Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2014/481},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/481}},
      url = {https://eprint.iacr.org/2014/481}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.