Cryptology ePrint Archive: Report 2021/1647

Privacy-Preserving Authenticated Key Exchange for Constrained Devices

Loïc Ferreira

Abstract: In this paper we investigate the field of privacy-preserving authenticated key exchange protocols (PPAKE). First we make a cryptographic analysis of a previous PPAKE protocol. We show that most of its security properties, including privacy, are broken, despite the security proofs that are provided. Then we describe a strong security model which captures the security properties of a PPAKE: entity authentication, key indistinguishability, forward secrecy, and privacy. Finally, we present a PPAKE protocol in the symmetric-key setting which is suitable for constrained devices. We formally prove the security of this protocol in our model.

Category / Keywords: cryptographic protocols / Authenticated key agreement, Internet of Things, Cryptanalysis, Privacy, PPAKE, Security model

Original Publication (with major differences): ACNS 2022

Date: received 16 Dec 2021

Contact author: loic ferreira at orange com

Version: 20211217:142922

Short URL: ia.cr/2021/1647
