Paper 2025/1521
Universally Composable Subversion-Resilient Authenticated Key Exchange
Abstract
Subversion-resilient cryptography has garnered increasing attention in recent years due to growing concerns about cryptographic subversions in real-world applications. Among the existing countermeasures, the notion of cryptographic reverse firewalls (RFs), initially proposed by Mironov and Stephens-Davidowitz (EUROCRYPT 2015) and later extended by Chakraborty et al. (EUROCRYPT 2022) to the universally composable (UC) model, has proven to be a powerful tool for building subversion-resilient cryptographic protocols. In this work, we focus on designing subversion-resilient authenticated key exchange (AKE) protocols, which are critical components of secure Internet communication. We present the f irst generic framework for subversion-resilient UC-secure AKE protocols leveraging RFs. In spired by the state-of-the-art advancements by Chakraborty et al. (ASIACRYPT 2024), we address subversions: where a party’s implementation is covertly altered to exfiltrate secrets or behave unpredictably when triggered by adversarial inputs. A key contribution of our work is the introduction of a new AKE functionality which, for the first time, incorporates security against key control, an essential aspect of achieving subversion resilience. We also provide a concrete instantiation of our framework, demonstrating its feasibility in practice. Notably, the RFs in our proposed AKE protocol are transparent, an important property of RF as defined originally, which allows deployment of RF without all parties explicitly knowing about it and allows robust security. Achieving transparency for RFs has been widely regarded as challenging, particularly when addressing broader subversion attacks (e.g., input-trigger attacks) in the UC model. Our approach, thus, not only advances the state of AKE protocol design, but also offers insights into building other subversion-resilient protocols in the UC model using transparent RFs.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2025
- Keywords
- authentiated key exchangesubversion resilienceuniversal composability
- Contact author(s)
-
liujiahao14 @ nudt edu cn
wangyi14 @ nudt edu cn
chromao @ nudt edu cn
xyhuang81 @ gmail com
sjs @ nudt edu cn
motiyung @ gmail com - History
- 2025-08-28: approved
- 2025-08-25: received
- See all versions
- Short URL
- https://ia.cr/2025/1521
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/1521,
author = {Jiahao Liu and Yi Wang and Rongmao Chen and Xinyi Huang and Jinshu Su and Moti Yung},
title = {Universally Composable Subversion-Resilient Authenticated Key Exchange},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/1521},
year = {2025},
url = {https://eprint.iacr.org/2025/1521}
}