Cryptology ePrint Archive: Report 2019/737

Highly Efficient Key Exchange Protocols with Optimal Tightness -- Enabling real-world deployments with theoretically sound parameters

Katriel Cohn-Gordon and Cas Cremers and Kristian Gjøsteen and Håkon Jacobsen and Tibor Jager

Abstract: In this paper we give nearly-tight reductions for modern implicitly authenticated Diffie-Hellman protocols in the style of the Signal and Noise protocols which are extremely simple and efficient. Unlike previous approaches, the combination of nearly-tight proofs and efficient protocols enables the first real-world instantiations for which the parameters can be chosen in a theoretically sound manner.

Our reductions have only a linear loss in the number of users, implying that our protocols are more efficient than the state of the art when instantiated with theoretically sound parameters. We also prove that our security proofs are optimal: a linear loss in the number of users is unavoidable for our protocols for a large and natural class of reductions.

Category / Keywords: cryptographic protocols / AKE, provable security, tightness, meta-reductions

Original Publication (with major differences): IACR-CRYPTO-2019

Date: received 20 Jun 2019

Contact author: tibor jager at upb de, cas cremers@gmail com, jacobseh@mcmaster ca, me@katriel co uk, kristian gjosteen@ntnu no

Available format(s): PDF | BibTeX Citation

Version: 20190621:135921 (All versions of this report)

Short URL: ia.cr/2019/737


[ Cryptology ePrint archive ]