Abstract
Key agreement protocols are a fundamental building block for ensuring authenticated and private communications between two parties over an insecure network. This paper focuses on key agreement protocols in the asymmetric trust model, wherein parties hold a public/private key pair. In particular, we consider a type of known key attack called key compromise impersonation that may occur once the adversary has obtained the private key of an honest party. This attack represents a subtle threat that is often underestimated and difficult to counter. Several protocols are shown to be vulnerable to this attack despite their authors claiming the opposite. We also consider in more detail how three formal (complexity-theoretic) models of distributed computing found in the literature cover such attacks.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Strangio, M.A. (2006). On the Resilience of Key Agreement Protocols to Key Compromise Impersonation. In: Atzeni, A.S., Lioy, A. (eds) Public Key Infrastructure. EuroPKI 2006. Lecture Notes in Computer Science, vol 4043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11774716_19
DOI: https://doi.org/10.1007/11774716_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35151-1
Online ISBN: 978-3-540-35152-8
eBook Packages: Computer Science, Computer Science (R0)