Cryptanalysis of a generic one-round key exchange protocol with strong security

IET Information Security

In Public-Key Cryptography (PKC) 2015, Bergsma et al. introduced an interesting one-round key exchange protocol (referred to here as the BJS scheme) with strong security, in particular perfect forward secrecy (PFS). In this study, the authors present a PFS attack against the BJS scheme, which would invalidate its security proof. An improvement is proposed that fixes the problem in the BJS scheme with minimal changes.

References

    1. Diffie, W., Oorschot, P.C., Wiener, M.J.: ‘Authentication and authenticated key exchanges’, Des. Codes Cryptogr., 1992, 2, (2), pp. 107–125.
    2. Bergsma, F., Jager, T., Schwenk, J.: ‘One-round key exchange with strong security: an efficient and generic construction in the standard model’. Proc. of PKC 2015, Gaithersburg, MD, USA, 30 March–1 April 2015, pp. 477–494.
    3. Blake-Wilson, S., Johnson, D., Menezes, A.: ‘Key agreement protocols and their security analysis’. Proc. of IMA Int. Conf. Cryptography and Coding 1997, Cirencester, UK, 17–19 December 1997, pp. 30–45.
    4. Cremers, C.J.F., Feltz, M.: ‘Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal’. Proc. of ESORICS 2012: 17th European Symp. Research in Computer Security, Pisa, Italy, September 2012, pp. 734–751.
    5. Krawczyk, H.: ‘HMQV: A high-performance secure Diffie-Hellman protocol’. Proc. of CRYPTO 2005, Santa Barbara, CA, USA, August 2005, pp. 546–566.
    6. LaMacchia, B.A., Lauter, K., Mityagin, A.: ‘Stronger security of authenticated key exchange’. Proc. of ProvSec 2007, Wollongong, Australia, November 2007, pp. 1–16.
    7. Boyd, C., Nieto, J.G.: ‘On forward secrecy in one-round key exchange’. Proc. of IMA Int. Conf. Cryptography and Coding 2011, Oxford, UK, 12–15 December 2011, pp. 451–468.
    8. Freire, E.S.V., Hofheinz, D., Kiltz, E., et al: ‘Non-interactive key exchange’. Proc. of PKC 2013, Nara, Japan, 26 February–1 March 2013, pp. 254–271.
    9. Choo, K.-K.R., Boyd, C., Hitchcock, Y.: ‘Errors in computational complexity proofs for protocols’. Proc. of ASIACRYPT 2005, Chennai, India, 4–8 December 2005, pp. 624–643.
    10. Yau, W.-C., Phan, R.C.-W., Goi, B.-M., et al: ‘Cryptanalysis of a provably secure cross-realm client-to-client password-authenticated key agreement protocol of cans'09’. Proc. of CANS 2011, Sanya, China, 10–12 December 2011, pp. 172–184.
    11. Yang, Z., Li, S.: ‘On security analysis of an after-the-fact leakage resilient key exchange protocol’, Inf. Process. Lett., 2016, 116, (1), pp. 33–40.
    12. Blake-Wilson, S., Menezes, A.: ‘Unknown key-share attacks on the station-to-station (sts) protocol’. Proc. of PKC'99, Kamakura, Japan, 1–3 March 1999, pp. 154–170.
    13. Freire, E.S.V., Hofheinz, D., Kiltz, E., et al: ‘Non-interactive key exchange’. Cryptology ePrint Archive, Report 2012/732, 2012. http://eprint.iacr.org/.
    14. Yang, Z.: ‘Efficient eck-secure authenticated key exchange protocols in the standard model’. Proc. of ICICS 2013, Beijing, China, 2013, pp. 185–193.
    15. Bergsma, F., Jager, T., Schwenk, J.: ‘(Talk slides) one-round key exchange with strong security: an efficient and generic construction in the standard model’, 2015.
    16. Canetti, R., Krawczyk, H.: ‘Analysis of key-exchange protocols and their use for building secure channels’. Proc. of EUROCRYPT 2001, Innsbruck, Austria, May 2001, pp. 453–474.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2017.0055