One-round key exchange in the standard model

We consider one-round key exchange protocols secure in the standard model. The security analysis uses the powerful security model of Canetti and Krawczyk and a natural extension of it to the ID-based setting. It is shown how Key-Encapsulation Mechanisms (KEMs) can be used in a generic way to obtain two different protocol designs with progressively stronger security guarantees. A detailed analysis of the performance of the protocols is included; surprisingly, when instantiated with specific KEM constructions, the resulting protocols are competitive with the best previous schemes that have proofs only in the Random Oracle Model.
