Skip to main content
SpringerLink
Log in
Book cover

International Conference on Cryptology and Network Security

CANS 2006: Cryptology and Network Security pp 37–54Cite as

A Diffie-Hellman Key Exchange Protocol Without Random Oracles

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4301))

Abstract

The MQV protocol of Law, Menezes, Qu, Slinas and Vanstone has been regarded as the most efficient authenticated Diffie-Hellman key exchange protocol, and standardized by many organizations including the US NSA. In Crypto 2005, Hugo Krawczyk showed vulnerabilities of MQV to several attacks and suggested a hashed variant of MQV, called HMQV, which provides the same superb performance of MQV and provable security in the random oracle model. In this paper we suggest an efficient authenticated Diffie-Hellman key exchange protocol providing the same functionalities and security of HMQV without random oracles. There exist some provably secure key exchange schemes using signatures in the standard model, but all of the schemes do not provide the same level of security of HMQV. So far there are no authenticated Diffie-Hellman protocols which are proven secure in the standard model and achieve the same level of security goals of HMQV efficiently yet. Dispensing of random oracles in our protocol does not require any expensive signature and encryption schemes.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abdalla, M., Bellare, M., Rogaway, P.: DHAES: an encryption scheme based on the Diffie-Hellman problem. IEEE P1363 (submission 1998)

    Google Scholar 

  2. Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  3. American National Standard (ANSI) X9.42-2001, Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography (2001)

    Google Scholar 

  4. American National Standard (ANSI) X9.63: Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport using Elliptic Curve Cryptography

    Google Scholar 

  5. Ankney, R., Johnson, D., Matyas, M.: The Unified Model, Contribution to ANSI X9F1 (1995)

    Google Scholar 

  6. Ateniese, G., Steiner, M., Tsudik, G.: New Multi-Party Authentication Services and Key Agreement Protocols. IEEE Journal of Selected Areas in Communication 18(4), 628–639 (2000)

    Article  Google Scholar 

  7. Boyd, C.: On Key Agreement and Conference Key Agreement. In: Mu, Y., Pieprzyk, J.P., Varadharajan, V. (eds.) ACISP 1997. LNCS, vol. 1270, pp. 294–302. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  8. Bellare, M., Boldyreva, A., Palacio, A.: An Uninstantiable Random-Oracle-Model Scheme for a Hybrid-Encryption Problem. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 171–188. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Bellare, M., Boldyreva, A., Staddon, J.: Randomness Re-use in Multi-recipient Encryption Schemes. In: PKC 2003. LNCS, vol. 2567, pp. 85–99. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  10. Bresson, E., Chevassut, O., Essiari, A., Pointcheval, D.: Mutual Authentication and Group Key Agreement for Low-Power Mobile Devices. In: Proceedings of MWCN 2003, pp. 59–62 (2003)

    Google Scholar 

  11. Bellare, M., Canetti, R., Krawczyk, H.: A Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols. In: Proceedings of 30th Annual Symposium on the Theory of Computing, pp. 419–428 (1998)

    Google Scholar 

  12. Bresson, E., Chevassut, O., Pointcheval, D.: Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290–309. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  13. Burmester, M., Desmedt, Y.: A Secure and Efficient Conference Key Distribution System. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 275–286. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  14. Bellare, M., Fischlin, M., Goldwasser, S., Micali, S.: Identification Protocols Secure against Reset Attacks. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 495–511. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  15. Blake-Wilson, S., Menezes, A.: Authenticated Diffie-Hellman Key Agreement Protocols. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 339–361. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  16. Boyd, C., Nieto, J.M.G.: Round-Optimal Contributory Conference Key Agreement. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 161–174. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  17. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Google Scholar 

  18. Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)

    Google Scholar 

  19. Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Examining Indistinguishability-Based Proof Models for Key Establishment Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 585–604. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  20. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology. In: STOC 1998 (1998) (revisited)

    Google Scholar 

  21. Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  22. Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  23. Canetti, R., Krawczyk, H.: Security Analysis of IKE’s Signature-Based Key-Exchange Protocol. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 143–161. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  24. Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)

    Article  MATH  MathSciNet  Google Scholar 

  25. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and Authenticated Key Exchanges. Designs, Codes and Cryptography 2, 107–125 (1992)

    Article  Google Scholar 

  26. Denning, D., Sacco, G.M.: Timestamps in Key Distribution Protocols. Comm. ACM 24(8), 533–536 (1981)

    Article  Google Scholar 

  27. Diffie, W., van Oorschot, P., Wiener, M.: Authentication and Authenticated Key Exchanges. Designs, Codes, and Cryptography 2(2), 107–125 (1992)

    Article  MathSciNet  Google Scholar 

  28. Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM 33(4), 210–217 (1986)

    Article  MathSciNet  Google Scholar 

  29. Goldwasser, S., Micali, S., Rivest, R.L.: A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks. SIAM J. Comput. 17(2), 281–308 (1988)

    Article  MATH  MathSciNet  Google Scholar 

  30. Goldwasser, S., Tauman, Y.: On the (In)security of the Fiat-Shamir Paradigm. In: FOCS 2003, pp. 102–115. IEEE Computer Society, Los Alamitos (2003)

    Google Scholar 

  31. IEEE 1363-2000: Standard Speci.cations for Public Key Cryptography

    Google Scholar 

  32. Ingemarasson, I., Tang, D.T., Wong, C.K.: A Conference Key Distribution System. IEEE Transactions on Information Theory 28(5), 714–720 (1982)

    Article  Google Scholar 

  33. ISO/IEC IS 15946-3 Information technology - Security techniques - Cryptographic techniques based on elliptic curves - Part 3: Key establishment (2002)

    Google Scholar 

  34. Jeong, I., Katz, J., Lee, D.: One-Round Protocols for Two-Party Authenticated Key Exchange. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 220–232. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  35. Kurosawa, K.: Multi-recipient Public-Key Encryption with Shortened Ciphertext. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 48–63. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  36. Krawczyk, H.: HMQV: A High-Performance Secure Diffie-Hellman Protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)

    Google Scholar 

  37. Krawczyk, H.: HMQV: A High-Performance Secure Diffie-Hellman Protocol. Full version of [36], in: eprint.iacr.org/2005/176 (2005)

    Google Scholar 

  38. Katz, J., Yung, M.: Scalable Protocols for Authenticated Group Key Exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  39. Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.: An Efficient Protocol for Authenticated Key Agreement. Designs, Codes and Cryptography 28, 119–134 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  40. Menezes, A.: Another Look at HMQV (2005), http://eprint.iacr.org/2005/205

  41. Menezes, A., Qu, M., Vanstone, S.: Some new key agreement protocols providing mutual implicit authentication. In: SAC 1995 (1995)

    Google Scholar 

  42. NIST Special Publication 800-56 (DRAFT): Recommendation on Key Establishment Schemes. Draft 2 (January 2003)

    Google Scholar 

  43. NSAs Elliptic Curve Licensing Agreement, presentation by Mr. John Stasak (Cryptography Office, National Security Agency) to the IETF’s Security Area Advisory Group (November 2004), http://www.machshav.com/~smb/saag-11-2004/NSA-EC-License.pdf

  44. Shoup, V.: On Formal Models for Secure Key Exchange, available at: http://eprint.iacr.org

  45. Secure hash standard. National Institute of Standards and Technology, NIST FIPS PUB 180-1, U.S. Department of Commerce (April 1995)

    Google Scholar 

  46. Blake-Wilson, S., Johnson, D., Menezes, A.: Key Agreement Protocols and their Security Analysis. In: Proceedings of Sixth IMA International Conference on Cryptography and Coding, pp. 30–45 (1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Electronics and Telecommunications Research Institute (ETRI), Daejeon, Korea

    Ik Rae Jeong

  2. Center for Information Security Technologies (CIST), Korea University, Seoul, Korea

    Jeong Ok Kwon & Dong Hoon Lee

Authors
  1. Ik Rae Jeong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jeong Ok Kwon
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dong Hoon Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Ecole Normale Supérieure – LIENS/CNRS/INRIA,, France

    David Pointcheval

  2. Centre for Computer and Information Security Research School of Computer Science and Software Engineering, University of Wollongong, Australia

    Yi Mu

  3. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 200240, Shanghai, China

    Kefei Chen

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jeong, I.R., Kwon, J.O., Lee, D.H. (2006). A Diffie-Hellman Key Exchange Protocol Without Random Oracles. In: Pointcheval, D., Mu, Y., Chen, K. (eds) Cryptology and Network Security. CANS 2006. Lecture Notes in Computer Science, vol 4301. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935070_3

Download citation

  • DOI: https://doi.org/10.1007/11935070_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-49462-1

  • Online ISBN: 978-3-540-49463-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation