Paper 2011/051

Towards Strong Adaptive Corruption Security of Authenticated Key Exchange

Zheng Yang

Abstract

In this paper we study strong adaptive corruption security definitions for authenticated key exchange (AKE) protocols. Many recent AKE protocols have been proven secure in the CK01 or eCK security model, and the newer of the two, eCK, is suggested to be at least as strong as the previous models for AKE protocols. However, we observe several kinds of attacks on existing AKE protocols that lie beyond the current class of security definitions; these attacks further reveal shortcomings in the security proofs given in the related AKE security models, in particular for protocols proven in the eCK model. Since the two models are not formally comparable, we discuss the ambiguities of existing security definitions and then provide a general framework for defining AKE security in the presence of strong adversary capabilities. Within this framework we formulate the timing of authentication, key generation and key confirmation for different classes of AKE protocols. In addition, we propose a new two-pass AKE protocol, called $\Sigma^y$, as an instance; it is proven secure under our proposed strong security definitions in the random oracle model under the GDH (Gap Diffie-Hellman) assumption. With this protocol we also show that the proposed model gives helpful guidance for designing a secure protocol under a strong adversary model. The intuition is generic: we embed the globally unique identifier of the uniquely paired matching sessions into the key material before submitting it to the final key derivation function.
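The last sentence of the abstract states the generic intuition behind $\Sigma^y$: bind the identifier of the matching session into the key material before the key derivation function runs. The Python below is an added illustration of that single step, written for this page and not taken from the paper; it is not the $\Sigma^y$ protocol and deliberately omits the static keys and authentication an AKE protocol needs. It assumes an unauthenticated Diffie-Hellman exchange over the 2048-bit MODP group of RFC 3526 (group 14) and an HKDF-SHA256 derivation; the session identifier (initiator identity, responder identity, both ephemeral values), the party names Alice, Bob and Mallory, and the function names are all constructed for the example. It contrasts a naive derivation from the shared secret alone with the session-bound derivation under an unknown-key-share style relabelling, in which Bob is led to believe his peer is Mallory while Alice believes hers is Bob.

```python
import hashlib
import hmac
import secrets
from typing import Tuple

# Assumption: the 2048-bit MODP prime of RFC 3526 (group 14) with generator 2.
# A standard group chosen for the example, not a parameter from the paper.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
P_LEN = (P.bit_length() + 7) // 8


def hkdf_sha256(ikm: bytes, info: bytes, salt: bytes = b"", length: int = 32) -> bytes:
    """HKDF extract-then-expand (RFC 5869) with HMAC-SHA256."""
    if not salt:
        salt = b"\x00" * hashlib.sha256().digest_size
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def encode(*fields: bytes) -> bytes:
    """Length-prefix every field so distinct tuples never encode to the same string."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def keygen() -> Tuple[int, int]:
    """Fresh ephemeral Diffie-Hellman pair (x, g^x mod p)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def int_to_bytes(n: int) -> bytes:
    return n.to_bytes(P_LEN, "big")


def derive_naive(z: int) -> bytes:
    """Key from the DH secret alone: nothing binds it to who ran the session."""
    return hkdf_sha256(int_to_bytes(z), info=b"")


def derive_bound(z: int, init_id: bytes, resp_id: bytes, x_pub: int, y_pub: int) -> bytes:
    """Key from the DH secret plus the session identifier (constructed here as
    initiator id, responder id, initiator ephemeral, responder ephemeral), so two
    parties holding different views of the session derive different keys."""
    sid = encode(init_id, resp_id, int_to_bytes(x_pub), int_to_bytes(y_pub))
    return hkdf_sha256(int_to_bytes(z), info=sid)


def honest_run() -> bool:
    """Alice and Bob, with matching views of the session, agree on the bound key."""
    x, X = keygen()
    y, Y = keygen()
    k_alice = derive_bound(pow(Y, x, P), b"Alice", b"Bob", X, Y)
    k_bob = derive_bound(pow(X, y, P), b"Alice", b"Bob", X, Y)
    return k_alice == k_bob


def unknown_key_share_demo() -> Tuple[bool, bool]:
    """Mallory relays Alice's first message to Bob under her own name: Bob believes
    his peer is Mallory, Alice believes hers is Bob. The DH values are untouched,
    so both sides compute the same Z. Returns (naive keys equal, bound keys equal)."""
    x, X = keygen()
    y, Y = keygen()
    z_alice = pow(Y, x, P)
    z_bob = pow(X, y, P)
    naive_equal = derive_naive(z_alice) == derive_naive(z_bob)
    k_alice = derive_bound(z_alice, b"Alice", b"Bob", X, Y)    # Alice's view of the session
    k_bob = derive_bound(z_bob, b"Mallory", b"Bob", X, Y)      # Bob's view of the session
    return naive_equal, k_alice == k_bob


if __name__ == "__main__":
    print("honest sessions agree on the bound key:", honest_run())
    naive, bound = unknown_key_share_demo()
    print("after relabelling, naive keys equal:", naive)
    print("after relabelling, sid-bound keys equal:", bound)
```

Running the file shows the naive derivation handing both parties the same key despite their mismatched views (the unknown-key-share condition), while the session-bound derivation gives them different keys, which is the mismatch a subsequent key confirmation step would surface. Binding the identifier here does not by itself authenticate anyone; it only guarantees that a key is tied to one particular pair of matching sessions.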

Metadata
Available format(s)
-- withdrawn --
Publication info
Published elsewhere. Unknown where it was published
Keywords
Security model, Authenticated Key Exchange, Session State, Ephemeral Key, Key Compromise Impersonation, Unknown Key Share, Matching Sessions
Contact author(s)
zheng yang @ rub de
History
2011-06-18: withdrawn
2011-01-26: received
Short URL
https://ia.cr/2011/051
License
Creative Commons Attribution
CC BY