Skip to main content
Springer Nature Link
Log in

Efficient Mutual Data Authentication Using Manually Authenticated Strings

  • Conference paper
Cryptology and Network Security (CANS 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4301))

Included in the following conference series:

  • 972 Accesses

Abstract

Solutions for an easy and secure setup of a wireless connection between two devices are urgently needed for WLAN, Wireless USB, Bluetooth and similar standards for short range wireless communication. All such key exchange protocols employ data authentication as an unavoidable subtask. As a solution, we propose an asymptotically optimal protocol family for data authentication that uses short manually authenticated out-of-band messages. Compared to previous articles by Vaudenay and Pasini the results of this paper are more general and based on weaker security assumptions. In addition to providing security proofs for our protocols, we focus also on implementation details and propose practically secure and efficient sub-primitives for applications.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bierbrauer, J., Johansson, T., Kabatianskii, G., Smeets, B.: On Families of Hash Functions via Geometric Codes and Concatenation. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 331–342. Springer, Heidelberg (1994)

    Google Scholar 

  2. Bellovin, S., Merrit, M.: Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks. In: Proc. of the IEEE Symposium on Security and Privacy, pp. 72–84 (1992)

    Google Scholar 

  3. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Google Scholar 

  4. Bellare, M., Sahai, A.: Non-malleable Encryption: Equivalence between Two Notions, and an Indistinguishability-Based Characterization. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 519–536. Springer, Heidelberg (1999)

    Google Scholar 

  5. Bluetooth Special Interest Group. Simple Pairing Whitepaper (Revision V10r00) (2006), http://www.bluetooth.com/Bluetooth/Apply/Technology/Research/Simple_Pairing.htm

  6. Cagalj, M., Capkun, S., Hubaux, J.-P.: Key agreement in peer-to-peer wireless networks. Proc. of the IEEE 94(2), 467–478 (2006)

    Article  Google Scholar 

  7. Di Crescenzo, G., Ishai, Y., Ostrovsky, R.: Non-interactive and non-malleable commitment. In: STOC 1998, pp. 141–150 (1998)

    Google Scholar 

  8. Cramer, R., Shoup, V.: A Practical Public Key Cryptosystem Provably Secure against Adaptive Chosen Ciphertext Attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)

    Google Scholar 

  9. Dolev, D., Dwork, C., Naor, M.: Non-malleable cryptography. In: STOC 1991, pp. 542–552. ACM Press, New York (1991)

    Chapter  Google Scholar 

  10. Damgård, I., Groth, J.: Non-interactive and reusable non-malleable commitment schemes. In: STOC 2003, pp. 426–437 (2003)

    Google Scholar 

  11. Fischlin, M., Fischlin, R.: Efficient Non-malleable Commitment Schemes. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 413–431. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  12. Fujisaki, E., Okamoto, T., Pointcheval, D., Stern, J.: RSA-OAEP Is Secure under the RSA Assumption. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 260–274. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  13. Gehrmann, C., Mitchell, C.J., Nyberg, K.: Manual authentication for wireless devices. RSA Cryptobytes 7(1), 29–37 (2004)

    Google Scholar 

  14. Hoepman, J.-H.: Ephemeral Pairing on Anonymous Networks. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 101–116. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  15. Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)

    Google Scholar 

  16. Katz, J., Ostrovsky, R., Yung, M.: Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  17. Laur, S., Asokan, N., Nyberg, K.: Efficient Mutual Data Authentication Using Manually Authenticated Strings: Preleiminary Version. Cryptology ePrint Archive, Report 2005/424 (2005), http://eprint.iacr.org/

  18. Laur, S., Nyberg, K.: Efficient Mutual Data Authentication Using Manually Authenticated Strings: Extended Version. Cryptology ePrint Archive, Report 2005/424 (2006), http://eprint.iacr.org/

  19. MacKenzie, P.D., Yang, K.: On Simulation-Sound Trapdoor Commitments. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 382–400. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  20. Nyberg, K., Gilbert, H., Robshaw, M.: Galois MAC with forgery probability close to ideal. General Public Comments on NIST Cryptopage (2005)

    Google Scholar 

  21. Naor, M., Segev, G., Smith, A.: Tight Bounds for Unconditional Authentication Protocols in the Manual Channel and Shared Key Models. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 214–231. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  22. Pasini, S., Vaudenay, S.: An Optimal Non-interactive Message Authentication Protocol. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 280–294. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  23. Pasini, S., Vaudenay, S.: SAS-Based Authenticated Key Agreement. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 395–409. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  24. Stinson, D.R.: Universal Hashing and Authentication Codes. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 74–85. Springer, Heidelberg (1992)

    Google Scholar 

  25. Vaudenay, S.: Secure Communications over Insecure Channels Based on Short Authenticated Strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005)

    Google Scholar 

  26. Association Models Supplement to the Certified Wireless Universal Serial Bus Specification (2006), http://www.usb.org/developers/wusb/

  27. Zimmermann, P., Johnston, A., Callas, J.: ZRTP: Extensions to RTP for Diffie-Hellman Key Agreement for SRTP draft-zimmermann-avt-zrtp-01 (March 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Nokia Research Center, Finland

    Kaisa Nyberg

  2. Helsinki University of Technology, Finland

    Sven Laur & Kaisa Nyberg

Authors
  1. Sven Laur
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kaisa Nyberg
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Ecole Normale Supérieure – LIENS/CNRS/INRIA,, France

    David Pointcheval

  2. Centre for Computer and Information Security Research School of Computer Science and Software Engineering, University of Wollongong, Australia

    Yi Mu

  3. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 200240, Shanghai, China

    Kefei Chen

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Laur, S., Nyberg, K. (2006). Efficient Mutual Data Authentication Using Manually Authenticated Strings. In: Pointcheval, D., Mu, Y., Chen, K. (eds) Cryptology and Network Security. CANS 2006. Lecture Notes in Computer Science, vol 4301. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935070_6

Download citation

  • DOI: https://doi.org/10.1007/11935070_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-49462-1

  • Online ISBN: 978-3-540-49463-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics