论文信息 - Partnership in key exchange protocols

Partnership in key exchange protocols

In this paper, we investigate the notion of partnership as found in security models for key exchange protocols. Several different approaches have been pursued to define partnership, with varying degrees of success. We aim to provide an overview and criticism of the various definitions and point out some pitfalls that can be encountered when trying to define partnership. As a result, we propose an intuitive way of defining partnership directly from equality of session keys. In addition, we show that authentication can be captured using a definition of partnership by equality of partner identifiers, and give proofs that both definitions achieve what we expect from them.

SeongHan Shin | Kazukuni Kobara | Mario Strefler

[1] Kim-Kwang Raymond Choo,et al. Security Requirements for Key Establishment Proof Models: Revisiting Bellare-Rogaway and Jeong-Katz-Lee Protocols , 2005, ACISP.

[2] Colin Boyd,et al. On Session Identifiers in Provably Secure Protocols: The Bellare-Rogaway Three-Party Key Distribution Protocol Revisited , 2004, SCN.

[3] Mihir Bellare,et al. Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[4] Mihir Bellare,et al. Provably secure session key distribution: the three party case , 1995, STOC '95.

[5] Jens-Matthias Bohli. Interne Angreifer in der Kryptographie: digitale Signatur und Schlüsselaustausch , 2007 .

[6] Mihir Bellare,et al. Entity Authentication and Key Distribution , 1993, CRYPTO.

[7] Hugo Krawczyk,et al. Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[8] Bart Preneel,et al. Security Properties of Domain Extenders for Cryptographic Hash Functions , 2010, J. Inf. Process. Syst..

[9] Kristin E. Lauter,et al. Stronger Security of Authenticated Key Exchange , 2006, ProvSec.

[10] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[11] Hugo Krawczyk,et al. A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract) , 1998, STOC '98.