Paper 2021/1647

Privacy-Preserving Authenticated Key Exchange for Constrained Devices

Loïc Ferreira

Abstract

In this paper we investigate the field of privacy-preserving authenticated key exchange protocols (PPAKE). First we make a cryptographic analysis of a previous PPAKE protocol. We show that most of its security properties, including privacy, are broken, despite the security proofs that are provided. Then we describe a strong security model which captures the security properties of a PPAKE: entity authentication, key indistinguishability, forward secrecy, and privacy. Finally, we present a PPAKE protocol in the symmetric-key setting which is suitable for constrained devices. We formally prove the security of this protocol in our model.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision. ACNS 2022
Keywords
Authenticated key agreement, Internet of Things, Cryptanalysis, Privacy, PPAKE, Security model
Contact author(s)
loic ferreira @ orange com
History
2021-12-17: received
Short URL
https://ia.cr/2021/1647
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1647,
      author = {Loïc Ferreira},
      title = {Privacy-Preserving Authenticated Key Exchange for Constrained Devices},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1647},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1647}},
      url = {https://eprint.iacr.org/2021/1647}
}