Cryptanalysis of a ``Strengthened'' Key Exchange Protocol for IoT, or When SAKE$^+$ Turns Out to Be SAKE$^-$

Loïc Ferreira

Paper 2020/839

Cryptanalysis of a ``Strengthened'' Key Exchange Protocol for IoT, or When SAKE $^{+}$ Turns Out to Be SAKE $^{-}$

Loïc Ferreira

Abstract

In this paper we make an extensive analysis of SAKE $^{+}$ and SAKE $^{+}$ -AM, two key exchange protocols. We show that several attacks are practicable against these protocols. This invalidates several claims made by the authors regarding the (security) properties of their protocols. Our results question also the correctness of the corresponding security proofs, made in the computational model (using the game-based methodology), and with the ProVerif verification tool.

Note: Minor changes

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint. MINOR revision.
Keywords: Authenticated key agreement Cryptanalysis
Contact author(s): loic ferreira @ orange com
History: 2020-08-04: revised; 2020-07-12: received; See all versions
Short URL: https://ia.cr/2020/839
License: CC BY

BibTeX

@misc{cryptoeprint:2020/839,
      author = {Loïc Ferreira},
      title = {Cryptanalysis of a ``Strengthened'' Key Exchange Protocol for {IoT}, or When {SAKE}$^+$ Turns Out to Be {SAKE}$^-$},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/839},
      year = {2020},
      url = {https://eprint.iacr.org/2020/839}
}

Paper 2020/839

Cryptanalysis of a ``Strengthened'' Key Exchange Protocol for IoT, or When SAKE+ Turns Out to Be SAKE−

Abstract

Metadata

Cryptanalysis of a ``Strengthened'' Key Exchange Protocol for IoT, or When SAKE $^{+}$ Turns Out to Be SAKE $^{-}$