Paper 2017/060

Zero Round-Trip Time for the Extended Access Control Protocol

Jacqueline Brendel and Marc Fischlin


The Extended Access Control (EAC) protocol allows to create a shared cryptographic key between a client and a server. It is for instance referenced by the International Civil Aviation Organization for securing the communication between machine readable travel documents and terminals, and is also deployed on current German identity cards. Here we discuss how to enhance the EAC protocol by a so-called zero-round trip time (0RTT) mode. Through this mode the client can, without further interaction, immediately derive a new key from cryptographic material exchanged in previous executions. This makes the 0RTT mode attractive from an efficiency viewpoint such that the upcoming TLS 1.3 standard, for instance, will include its own 0RTT mode. Here we show that the EAC protocol can be augmented to support a 0RTT mode, too. Our proposed EAC+0RTT protocol is compliant with the basic EAC protocol and adds the 0RTT mode smoothly on top. We also prove the security of our proposal according to the common security model of Bellare and Rogaway in the multi-stage setting.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. Proceedings of the 22nd European Symposium on Research in Computer Security (ESORICS 2017)
zero-RTT protocolsauthenticated key exchangeextended access control protocol
Contact author(s)
jacqueline brendel @ cryptoplexity de
marc fischlin @ cryptoplexity de
2017-06-22: revised
2017-01-31: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jacqueline Brendel and Marc Fischlin},
      title = {Zero Round-Trip Time for the Extended Access Control Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2017/060},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.