Paper 2024/1438

Anamorphic Authenticated Key Exchange: Double Key Distribution under Surveillance

Weihao Wang, Shanghai Jiao Tong University, China, State Key Laboratory of Cryptology, China
Shuai Han, Shanghai Jiao Tong University, China, State Key Laboratory of Cryptology, China
Shengli Liu, Shanghai Jiao Tong University, China, State Key Laboratory of Cryptology, China
Abstract

Anamorphic encryptions and anamorphic signatures assume a double key pre-shared between two parties so as to enable the transmission of covert messages. How to securely and efficiently distribute a double key under the dictator's surveillance is a central problem for anamorphic cryptography, especially when the users are forced to surrender their long-term secret keys or even the randomness used in the algorithms to the dictator. In this paper, we propose Anamorphic Authentication Key Exchange (AM-AKE) to solve the problem. Similar to anamorphic encryption, AM-AKE contains a set of anamorphic algorithms besides the normal algorithms. With the help of the anamorphic algorithms in AM-AKE, the initiator and the responder are able to exchange not only a session key but also a double key. We define robustness and security notions for AM-AKE, and also prove some impossibility results on plain AM-AKE whose anamorphic key generation algorithm only outputs a key-pair. To bypass the impossibility results, we work on two sides. -- On the one side, for plain AM-AKE, the securities have to be relaxed to resist only passive attacks from the dictator. Under this setting, we propose a generic construction of two-pass plain AM-AKE from a two-pass AKE with partially randomness-recoverable algorithms. -- On the other side, we consider (non-plain) AM-AKE whose key generation algorithm also outputs an auxiliary trapdoor besides the key-pairs. We ask new properties from AKE: its key generation algorithm has secret extractability and other algorithms have separability. Based on such a two-pass AKE, we propose a generic construction of two-pass (non-plain) AM-AKE. The resulting AM-AKE enjoys not only robustness but also the strong security against any dictator knowing both users' secret keys and even the internal randomness of the AKE algorithms and implementing active attacks. Finally, we present concrete AM-AKE schemes from the popular SIG+KEM paradigm and three-KEM paradigm for constructing AKE.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2024
Keywords
Anamorphic CryptographyAuthenticated Key Exchange
Contact author(s)
dykler123 @ sjtu edu cn
dalen17 @ sjtu edu cn
slliu @ sjtu edu cn
History
2024-09-18: approved
2024-09-14: received
See all versions
Short URL
https://ia.cr/2024/1438
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1438,
      author = {Weihao Wang and Shuai Han and Shengli Liu},
      title = {Anamorphic Authenticated Key Exchange: Double Key Distribution under Surveillance},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1438},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1438}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.