Characterization of Strongly Secure Authenticated Key Exchanges without NAXOS Technique
スポンサーリンク
概要
- 論文の詳細を見る
This paper examines two-pass authenticated key exchange (AKE) protocols that are secure without the NAXOS technique under the gap Diffie-Hellman assumption in the random oracle model: FHMQV [18], KFU1 [21], SMEN- [13], and UP [17]. We introduce two protocol, biclique DH protocol and multiplied biclique DH protocol, to analyze the subject protocols, and show that the subject protocols use the multiplied biclique DH protocol as internal protocols. The biclique DH protocol is secure, however, the multiplied biclique DH protocol is insecure. We show the relations between the subject protocols from the viewpoint of how they overcome the insecurity of the multiplied biclique DH protocol: ·FHMQV virtually executes two multiplied biclique DH protocols in sequence with the same ephemeral key on two randomized static keys.·KFU1 executes two multiplied biclique DH protocols in parallel with the same ephemeral key.·UP is a version of KFU1 in which one of the static public keys is generated with a random oracle.·SMEN- can be thought of as a combined execution of two multiplied biclique DH protocols. In addition, this paper provides ways to characterize the AKE protocols and defines two parameters: one consists of the number of static keys, the number of ephemeral keys, and the number of shared secrets, and the other is defined as the total sum of these numbers. When an AKE protocol is constructed based on some group, these two parameters indicate the number of elements in the group, i.e., they are related to the sizes of the storage and communication data.
著者
関連論文
- Characterization of Strongly Secure Authenticated Key Exchanges without NAXOS Technique
- id-eCK Secure ID-Based Authenticated Key Exchange on Symmetric and Asymmetric Pairing