Provably Secure Mobile Key Exchange: Applying the Canetti-Krawczyk Approach

Practical use of the Canetti and Krawczyk approach to development of proven secure key exchange protocols is explored. The suite of protocols that can be developed using existing building blocks is discussed. An additional building block is provided by proving a new protocol secure in the ideal model of the approach. In the application area of wireless protocols it is shown that the best existing protocols can be matched with versions carrying security proofs. We conclude that building a library of building blocks will allow protocols with proven security to become the norm rather than the exception.

[1]  Victor Shoup,et al.  On Formal Models for Secure Key Exchange , 1999, IACR Cryptol. ePrint Arch..

[2]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[3]  Alfred Menezes,et al.  Unknown Key-Share Attacks on the Station-to-Station (STS) Protocol , 1999, Public Key Cryptography.

[4]  Markus Jakobsson,et al.  Mutual Authentication for Low-Power Mobile Devices , 2002, Financial Cryptography.

[5]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[6]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[7]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[8]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[9]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[10]  Günther Horn,et al.  Authentication and Payment in Future Mobile Systems , 1998, J. Comput. Secur..

[11]  Duncan S. Wong,et al.  Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices , 2001, ASIACRYPT.

[12]  Mark Looi,et al.  A fraud detection method using IS-41C protocols and its application to the third generation wireless systems , 1998, IEEE GLOBECOM 1998 (Cat. NO. 98CH36250).

[13]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[14]  Hugo Krawczyk,et al.  A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract) , 1998, STOC '98.

[15]  Günther Horn,et al.  Authentication protocols for mobile network environment value-added services , 2002, IEEE Trans. Veh. Technol..

[16]  Colin Boyd,et al.  Public key protocols for wireless communications , 1998, ICISC.

[17]  David Pointcheval,et al.  The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes , 2001, Public Key Cryptography.

[18]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.