Cryptology ePrint Archive: Report 2021/607

Signed Diffie-Hellman Key Exchange with Tight Security

Jiaxin Pan and Chen Qian and Magnus Ringerud

Abstract: We propose the first tight security proof for the ordinary two-message signed Diffie-Hellman key exchange protocol in the random oracle model. Our proof is based on the strong computational Diffie-Hellman assumption and the multi-user security of a digital signature scheme. With our security proof, the signed DH protocol can be deployed with optimal parameters, independent of the number of users or sessions, without the need to compensate any security loss. We abstract our approach with a new notion called verifiable key exchange. In contrast to a known tight three-message variant of the signed Diffie-Hellman protocol (Gjøsteen and Jager, CRYPTO 2018), we do not require any modification to the original protocol, and our tightness result is proven in the “Single-Bit- Guess” model which we know can be tightly composed with symmetric cryptographic primitives to establish a secure channel.

Category / Keywords: cryptographic protocols / Authenticated key exchange, signed Diffie-Hellman, tight security

Original Publication (with minor differences): CT-RSA 2021

Date: received 10 May 2021, last revised 21 May 2021

Contact author: magnus ringerud at ntnu no

Available format(s): PDF | BibTeX Citation

Note: This is the full version of the paper being published at CT-RSA 2021.

Version: 20210521:134351 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]