Paper 2016/308

Strongly Leakage-Resilient Authenticated Key Exchange

Rongmao Chen, Yi Mu, Guomin Yang, Willy Susilo, and Fuchun Guo


Authenticated Key Exchange (AKE) protocols have been widely deployed in many real-world applications for securing communication channels. In this paper, we make the following contributions. First, we revisit the security modelling of leakage-resilient AKE protocols, and show that the existing models either impose some unnatural restrictions or do not sufficiently capture leakage attacks in reality. We then introduce a new strong yet meaningful security model, named the challenge-dependent leakage-resilient eCK (CLR-eCK) model, to capture challenge-dependent leakage attacks on both the long-term secret key and the ephemeral secret key (i.e., the randomness). Second, we propose a general framework for constructing one-round CLR-eCK-secure AKE protocols based on smooth projective hash functions (SPHFs). This framework ensures that the session key is private and authentic even if the adversary learns a large fraction of both the long-term secret key and the ephemeral secret key, and hence provides a stronger security guarantee than existing AKE protocols, which become insecure if the adversary can perform leakage attacks during the execution of a session. Finally, we also present a practical instantiation of the general framework based on the Decisional Diffie-Hellman assumption without random oracles. Our result shows that the instantiation is efficient in terms of communication and computation overhead and captures more general leakage attacks.

Category: Cryptographic protocols
Publication info: Published elsewhere. Major revision. CT-RSA 2016
Keywords: Authenticated key exchange, challenge-dependent leakage, strong randomness extractor, smooth projective hash function
Contact author(s): rc517 @ uowmail edu au
History: 2016-03-18: received
License: Creative Commons Attribution


@misc{cryptoeprint:2016/308,
      author = {Rongmao Chen and Yi Mu and Guomin Yang and Willy Susilo and Fuchun Guo},
      title = {Strongly Leakage-Resilient Authenticated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2016/308},
      year = {2016},
      doi = {10.1007/978-3-319-29485-8},
      note = {\url{}},
      url = {}
}