You are looking at a specific version 20201014:200536 of this paper. See the latest version.

Paper 2020/1279

Tightly-Secure Authenticated Key Exchange, Revisited

Tibor Jager and Eike Kiltz and Doreen Riepel and Sven Schäge

Abstract

We introduce new tightly-secure authenticated key exchange (AKE) protocols that are extremely efficient, yet have only a constant security loss and can be instantiated in the random oracle model both from the standard DDH assumption and a subgroup assumption over RSA groups. These protocols can be deployed with optimal parameters, independent of the number of users or sessions, without the need to compensate a security loss with increased parameters and thus decreased computational efficiency. We use the standard “Single-Bit-Guess” AKE security (with forward secrecy and state corruption) requiring all challenge keys to be simultaneously pseudo-random. In contrast, most previous papers on tightly secure AKE protocols (Bader et al., TCC 2015; Gjøsteen and Jager, CRYPTO 2018; Liu et al., ASIACRYPT 2020) concentrated on a non-standard “Multi-Bit-Guess” AKE security which is known not to compose tightly with symmetric primitives to build a secure communication channel. Our key technical contribution is a new generic approach to construct tightly-secure AKE protocols based on non-committing key encapsulation mechanisms. The resulting DDH-based protocols are considerably more efficient than all previous constructions.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Authenticated key exchangetightnessnon-committing encryptionforward security
Contact author(s)
doreen riepel @ rub de
eike kiltz @ rub de
tibor jager @ uni-wuppertal de
sven schaege @ rub de
History
2020-11-13: last of 2 revisions
2020-10-14: received
See all versions
Short URL
https://ia.cr/2020/1279
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.