Authenticated Diffie-Hellman Key Agreement Protocols

This paper surveys recent work on the design and analysis of key agreement protocols that are based on the intractability of the Diffie-Hellman problem. The focus is on protocols that have been standardized, or are in the process of being standardized, by organizations such as ANSI, IEEE, ISO/IEC, and NIST. The practical and provable security aspects of these protocols are discussed.
