Paper 2021/607
Signed Diffie-Hellman Key Exchange with Tight Security
Jiaxin Pan and Chen Qian and Magnus Ringerud
Abstract
We propose the first tight security proof for the ordinary two-message signed Diffie-Hellman key exchange protocol in the random oracle model. Our proof is based on the strong computational Diffie-Hellman assumption and the multi-user security of a digital signature scheme. With our security proof, the signed DH protocol can be deployed with optimal parameters, independent of the number of users or sessions, without the need to compensate any security loss. We abstract our approach with a new notion called verifiable key exchange. In contrast to a known tight three-message variant of the signed Diffie-Hellman protocol (Gjøsteen and Jager, CRYPTO 2018), we do not require any modification to the original protocol, and our tightness result is proven in the “Single-Bit- Guess” model which we know can be tightly composed with symmetric cryptographic primitives to establish a secure channel.
Note: This is the full version of the paper being published at CT-RSA 2021.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Minor revision. CT-RSA 2021
- DOI
- 10.1007/978-3-030-75539-3_9
- Keywords
- Authenticated key exchangesigned Diffie-Hellmantight security
- Contact author(s)
- magnus ringerud @ ntnu no
- History
- 2021-11-10: last of 2 revisions
- 2021-05-17: received
- See all versions
- Short URL
- https://ia.cr/2021/607
- License
-
CC BY