Paper 2021/607
Signed (Group) Diffie-Hellman Key Exchange with Tight Security
Jiaxin Pan, Chen Qian, and Magnus Ringerud
Abstract
We propose the first tight security proof for the ordinary two-message signed Diffie-Hellman key exchange protocol in the random oracle model. Our proof is based on the strong computational Diffie-Hellman assumption and the multi-user security of a digital signature scheme. With our security proof, the signed DH protocol can be deployed with optimal parameters, independent of the number of users or sessions, without the need to compensate any security loss. We abstract our approach with a new notion called verifiable key exchange. In contrast to a known tight three-message variant of the signed Diffie-Hellman protocol (Gjøsteen and Jager, CRYPTO 2018), we do not require any modification to the original protocol, and our tightness result is proven in the ``Single-Bit-Guess'' model which we know can be tightly composed with symmetric cryptographic primitives to establish a secure channel. Finally, we extend our approach to the group setting and construct the first tightly secure group authenticated key exchange protocol.
Note: This is the extended, full version of the paper published at CT-RSA 2021.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. CT-RSA 2021
- DOI
- 10.1007/978-3-030-75539-3_9
- Keywords
- Authenticated key exchangegroup key exchangesigned Diffie-Hellmantight security.
- Contact author(s)
- magnus ringerud @ ntnu no
- History
- 2021-11-10: last of 2 revisions
- 2021-05-17: received
- See all versions
- Short URL
- https://ia.cr/2021/607
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/607,
author = {Jiaxin Pan and Chen Qian and Magnus Ringerud},
title = {Signed (Group) Diffie-Hellman Key Exchange with Tight Security},
howpublished = {Cryptology {ePrint} Archive, Paper 2021/607},
year = {2021},
doi = {10.1007/978-3-030-75539-3_9},
url = {https://eprint.iacr.org/2021/607}
}
