
Forward-Secure Authenticated Symmetric Key Exchange Protocol: New Security Model and Secure Construction

  • Conference paper
  • Provable Security (ProvSec 2015)
  • Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9451)


Abstract

While a great deal of work has been done on the design and security analysis of PKI-based authenticated key exchange (AKE) protocols, very few results exist in the symmetric-key setting. The first provably secure symmetric AKE was proposed by Bellare and Rogaway (BR) at CRYPTO 1994, and it still stands out as the most prominent one for the symmetric-key setting. In line with the significant progress made for PKI-based systems, we propose a model for symmetric-key systems that is stronger than the BR model. We assume that the adversary can launch active attacks. In addition, the adversary can obtain the long-term secret keys of the parties and their internal states, by gaining access to their ephemeral secrets (or internal randomness) through appropriate oracle queries. The salient feature of our model is the way we handle active adversaries even in the test session.

We also design a symmetric-key AKE construction that is provably secure against active adversaries in our new model using weak primitives. Dodis et al. (EUROCRYPT 2012) used weak pseudo-random functions (wPRF) and a weak almost-XOR-universal hash function family (wAXU) to design a three-pass one-sided authentication protocol in the symmetric-key paradigm. A direct application of their techniques yields a four-pass (two-round) symmetric-key AKE protocol with mutual authentication. Our construction uses particular instances of these weak primitives and introduces a novel technique called input-swapping to achieve a three-pass symmetric-key AKE protocol with mutual authentication that resists active attacks (even in the test session). Our construction is proven secure in the Random Oracle Model under the DDH assumption.
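To make the abstract's notions concrete, the following Python program is an added illustration, not the paper's construction and not the authors' code. It shows a three-pass symmetric-key AKE with mutual authentication in which the two parties share a long-term key K and each contributes an ephemeral Diffie-Hellman value, so that the session key is derived from g^xy and the transcript rather than from K; that is the property that makes a later reveal of K harmless for past sessions. The assumptions are HMAC-SHA256 as the PRF (the paper instead builds on wPRF/wAXU primitives and its input-swapping technique, which this example does not reproduce), the RFC 2409 1024-bit MODP group as the DDH instance, and constructed identities A and B. The last function shows how an active adversary without K who tampers with the first pass is caught by the tag check in the second pass.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# 1024-bit MODP group from RFC 2409 (group 2), a real safe prime used only to
# keep the illustration self-contained; g = 2 generates the subgroup of prime
# order Q. Use a larger or elliptic-curve group in practice.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
        "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
        "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G, Q, NBYTES = 2, (P - 1) // 2, 128

def enc(*parts: bytes) -> bytes:
    """Length-prefix every field so the MAC input cannot be re-split."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)

def i2b(n: int) -> bytes:
    return n.to_bytes(NBYTES, "big")

def prf(key: bytes, *parts: bytes) -> bytes:
    # HMAC-SHA256 stands in for the PRF (hypothetical choice; the paper builds
    # on weak PRFs and wAXU hashing instead).
    return hmac.new(key, enc(*parts), hashlib.sha256).digest()

def valid_element(h: int) -> bool:
    """Reject 1, p-1 and anything outside the prime-order subgroup."""
    return 1 < h < P - 1 and pow(h, Q, P) == 1

def fresh_exponent() -> int:
    return 1 + secrets.randbelow(Q - 1)

@dataclass
class Party:
    ident: bytes
    peer: bytes
    ltk: bytes            # long-term key K shared with the peer
    eph: int = 0          # ephemeral exponent, the party's internal randomness
    my_pub: int = 0
    peer_pub: int = 0

def session_key(me: Party, x_pub: int, y_pub: int, a_id: bytes, b_id: bytes) -> bytes:
    # Derived from g^xy and the transcript only: K is not an input, so a later
    # reveal of K gives no way back to this key (forward secrecy).
    shared = pow(me.peer_pub, me.eph, P)
    return hashlib.sha256(enc(b"key", i2b(shared), a_id, b_id, i2b(x_pub), i2b(y_pub))).digest()

def pass1(a: Party):
    """A -> B: A, g^x. Nothing is authenticated yet."""
    a.eph = fresh_exponent()
    a.my_pub = pow(G, a.eph, P)
    return a.ident, a.my_pub

def pass2(b: Party, a_id: bytes, x_pub: int):
    """B -> A: B, g^y, tag_K(resp, A, B, g^x, g^y)."""
    if a_id != b.peer or not valid_element(x_pub):
        raise ValueError("pass 1 rejected")
    b.peer_pub, b.eph = x_pub, fresh_exponent()
    b.my_pub = pow(G, b.eph, P)
    return b.ident, b.my_pub, prf(b.ltk, b"resp", a_id, b.ident, i2b(x_pub), i2b(b.my_pub))

def pass3(a: Party, b_id: bytes, y_pub: int, tag_b: bytes):
    """A -> B: tag_K(init, A, B, g^x, g^y); A checks B's tag against its own g^x."""
    if b_id != a.peer or not valid_element(y_pub):
        raise ValueError("pass 2 rejected")
    want = prf(a.ltk, b"resp", a.ident, b_id, i2b(a.my_pub), i2b(y_pub))
    if not hmac.compare_digest(want, tag_b):
        raise ValueError("responder authentication failed")
    a.peer_pub = y_pub
    tag_a = prf(a.ltk, b"init", a.ident, b_id, i2b(a.my_pub), i2b(y_pub))
    return tag_a, session_key(a, a.my_pub, y_pub, a.ident, b_id)

def finish(b: Party, tag_a: bytes) -> bytes:
    want = prf(b.ltk, b"init", b.peer, b.ident, i2b(b.peer_pub), i2b(b.my_pub))
    if not hmac.compare_digest(want, tag_a):
        raise ValueError("initiator authentication failed")
    return session_key(b, b.peer_pub, b.my_pub, b.peer, b.ident)

def run_session(ltk: bytes):
    """Honest run; returns (key_A, key_B), which must agree."""
    alice, bob = Party(b"A", b"B", ltk), Party(b"B", b"A", ltk)
    a_id, x_pub = pass1(alice)
    b_id, y_pub, tag_b = pass2(bob, a_id, x_pub)
    tag_a, key_a = pass3(alice, b_id, y_pub, tag_b)
    return key_a, finish(bob, tag_a)

def substituted_dh_value_rejected(ltk: bytes) -> bool:
    """Active adversary without K replaces g^x with its own g^z in pass 1.
    B cannot notice yet, but its tag then covers g^z, so A rejects pass 2."""
    alice, bob = Party(b"A", b"B", ltk), Party(b"B", b"A", ltk)
    a_id, _ = pass1(alice)
    b_id, y_pub, tag_b = pass2(bob, a_id, pow(G, fresh_exponent(), P))
    try:
        pass3(alice, b_id, y_pub, tag_b)
    except ValueError:
        return True
    return False
```

Run `run_session(K)` with a 32-byte constructed key to see both sides derive the same key, and `substituted_dh_value_rejected(K)` to see the tampered run abort. Note that revealing K afterwards does let an adversary forge future tags (authentication is lost from that point on), but the past session key still requires one of the ephemeral exponents, which is exactly the separation between long-term and ephemeral compromise that the model in the abstract captures with its oracle queries.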


References

  • Basin, D., Cremers, C., Meier, S.: Provably repairing the ISO/IEC 9798 standard for entity authentication. J. Comput. Secur. 21(6), 817–846 (2013)
  • Bird, R.S., Gopal, I., Herzberg, A., Janson, P., Kutten, S., Molva, R., Yung, M.: Systematic design of two-party authentication protocols. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 44–61. Springer, Heidelberg (1992)
  • Byun, J.K., Lee, D.H., Lim, J.I.: EC2C-PAKA: An efficient client-to-client password-authenticated key agreement. Inf. Sci. 177(19), 3995–4013 (2007)
  • Boyd, C.: Hidden assumptions in cryptographic protocols. IEE Proc. E (Comput. Digital Tech.) 137(6), 433–436 (1990)
  • Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
  • Chien, H.-Y.: SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans. Dependable Secure Comput. 4(4), 337–340 (2007)
  • Clark, J.A., Jacob, J.L.: A survey of authentication protocol literature: Version 1.0 (1997)
  • Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
  • Cao, T., Lei, H.: Privacy-enhancing authenticated key agreement protocols based on elliptic curve cryptosystem. Acta Electronica Sinica 36(2), 397 (2008)
  • Cheng, H., Yang, G.: EKAES: An efficient key agreement and encryption scheme for wireless sensor networks. J. Electron. (China) 25(4), 495–502 (2008)
  • Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)
  • Dodis, Y., Kiltz, E., Pietrzak, K., Wichs, D.: Message authentication, revisited. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 355–374. Springer, Heidelberg (2012)
  • Diffie, W., Van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Crypt. 2(2), 107–125 (1992)
  • Gong, L., Needham, R., Yahalom, R.: Reasoning about belief in cryptographic protocols. In: Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 234–248. IEEE (1990)
  • Günther, C.G.: An identity-based key-exchange protocol. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 29–37. Springer, Heidelberg (1990)
  • Jeong, I.R., Katz, J., Lee, D.-H.: One-round protocols for two-party authenticated key exchange. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 220–232. Springer, Heidelberg (2004)
  • Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)
  • Rongxing, L., Cao, Z., Zhu, H.: An enhanced authenticated key agreement protocol for wireless mobile communication. Comput. Stand. Interfaces 29(6), 647–652 (2007)
  • LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)
  • Law, L., Menezes, A., Minghua, Q., Solinas, J., Vanstone, S.: An efficient protocol for authenticated key agreement. Des. Codes Crypt. 28(2), 119–134 (2003)
  • Menezes, A., Ustaoglu, B.: Comparing the pre- and post-specified peer models for key agreement. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 53–68. Springer, Heidelberg (2008)
  • Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)
  • Otway, D., Rees, O.: Efficient and timely mutual authentication. ACM SIGOPS Operating Syst. Rev. 21(1), 8–10 (1987)
  • Satyanarayanan, M.: Scalable, secure, and highly available distributed file access. Computer 23(5), 9–18 (1990)
  • Sarr, A.P., Elbaz-Vincent, P., Bajard, J.-C.: A new security model for authenticated key agreement. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 219–234. Springer, Heidelberg (2010)
  • Shoup, V.: On formal models for secure key exchange. CiteSeer (1999)
  • Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Des. Codes Crypt. 46(3), 329–342 (2008)


Acknowledgments

The first two authors sincerely thank Rishiraj Bhattacharyya for a few technical discussions during the early stage of this work, which clarified some doubts on this topic. Part of this work was done while the first author was visiting the R. C. Bose Centre for Cryptology and Security, Indian Statistical Institute, Kolkata during the summer of 2015, and the third author was visiting the Simons Institute for the Theory of Computing, supported by the Simons Foundation and by the DIMACS/Simons Collaboration in Cryptography through NSF grant #CNS-1523467. The second author is also grateful to the Project CoEC (Centre of Excellence in Cryptology), Indian Statistical Institute, Kolkata, funded by the Government of India, for partial support towards this project.

Author information

Corresponding author: Goutam Paul.


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Chakraborty, S., Paul, G., Rangan, C.P. (2015). Forward-Secure Authenticated Symmetric Key Exchange Protocol: New Security Model and Secure Construction. In: Au, MH., Miyaji, A. (eds) Provable Security. ProvSec 2015. Lecture Notes in Computer Science, vol 9451. Springer, Cham. https://doi.org/10.1007/978-3-319-26059-4_8


  • DOI: https://doi.org/10.1007/978-3-319-26059-4_8
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-26058-7
  • Online ISBN: 978-3-319-26059-4
  • eBook Packages: Computer Science (R0)
