Skip to main content
Springer Nature Link
Log in

Reusing Static Keys in Key Agreement Protocols

  • Conference paper
Progress in Cryptology - INDOCRYPT 2009 (INDOCRYPT 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5922))

Included in the following conference series:

  • 925 Accesses

Abstract

Contrary to conventional cryptographic wisdom, the NIST SP 800-56A standard explicitly allows the use of a static key pair in more than one of the key establishment protocols described in the standard. In this paper, we give examples of key establishment protocols that are individually secure, but which are insecure when static key pairs are reused in two of the protocols. We also propose an enhancement of the extended Canetti-Krawczyk security model and definition for the situation where static public keys are reused in two or more key agreement protocols.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. ANSI X9.42, Public Key Cryptography for the Financial Services Industry: Agreement of Symmetric Keys Using Discrete Logarithm Cryptography, American National Standards Institute (2003)

    Google Scholar 

  2. ANSI X9.63, Public Key Cryptography for the Financial Services Industry: Key Agreement and Key Transport Using Elliptic Curve Cryptography, American National Standards Institute (2001)

    Google Scholar 

  3. Anderson, R., Needham, R.: Robustness principles for public key protocols. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 236–247. Springer, Heidelberg (1995)

    Google Scholar 

  4. Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)

    Google Scholar 

  5. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Boyd, C., Cliff, Y., Nieto, J., Paterson, K.: Efficient one-round key exchange in the standard model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008), http://eprint.iacr.org/2008/007

    Chapter  Google Scholar 

  7. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001), http://eprint.iacr.org/2001/040

    Chapter  Google Scholar 

  8. Chatterjee, S., Menezes, A., Ustaoglu, B.: Reusing static keys in key agreement protools (full version), Technical Report CACR 2009-36, http://www.cacr.math.uwaterloo.ca/techreports/2009/cacr2009-36.pdf

  9. Coron, J., Joye, M., Naccache, D., Paillier, P.: Universal padding schemes for RSA. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 226–241. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  10. Fujisaki, E., Okamoto, T.: Secure integration of asymmetric and symmetric encryption schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999)

    Google Scholar 

  11. Gligoroski, D., Andova, S., Knapskog, S.: On the importance of the key separation principle for different modes of operation. In: Chen, L., Mu, Y., Susilo, W. (eds.) ISPEC 2008. LNCS, vol. 4991, pp. 404–418. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  12. Hess, F.: Efficient identity based signature schemes based on pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  13. Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 91–104. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  14. LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  15. Lauter, K., Mityagin, A.: Security analysis of KEA authenticated key exchange. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 378–394. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  16. Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.: An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography 28, 119–134 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  17. Matsumoto, T., Takashima, Y., Imai, H.: On seeking smart public-key distribution systems. The Transactions of the IECE of Japan E69, 99–106 (1986)

    Google Scholar 

  18. Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  19. Menezes, A., Ustaoglu, B.: Security arguments for the UM key agreement protocol in the NIST SP 800-56A standard. In: Proceedings of ASIACCS 2008, pp. 261–270. ACM Press, New York (2008)

    Chapter  Google Scholar 

  20. Menezes, A., Ustaoglu, B.: Comparing the pre- and post-specified peer models for key agreement. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 53–68. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  21. NIST, SKIPJACK and KEA Algorithm Specifications (1998), http://csrc.nist.gov/groups/ST/toolkit/documents/skipjack/skipjack.pdf

  22. Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. Journal of Cryptology 13, 361–396 (2000)

    Article  MATH  Google Scholar 

  23. SP 800-56A, Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised), National Institute of Standards and Technology (March 2007)

    Google Scholar 

  24. Vasco, M., Hess, F., Steinwandt, R.: Combined (identity-based) public key schemes, Cryptology ePrint Archive Report 2008/466, http://eprint.iacr.org/2008/466

Download references

Author information

Authors and Affiliations

  1. Department of Combinatorics & Optimization, University of Waterloo,  

    Sanjit Chatterjee & Alfred Menezes

  2. NTT Information Sharing Platform Laboratories, Tokyo, Japan

    Berkant Ustaoglu

Authors
  1. Sanjit Chatterjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alfred Menezes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Berkant Ustaoglu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Applied Statistics Unit, Indian Statistical Institute, 203 B.T. Road, 700108, Kolkata, India

    Bimal Roy

  2. Projet Team SECRET, Centre de Recherche INRIA Rocquencourt, B.P. 105, 78153, Le Chesnay Cedex, France

    Nicolas Sendrier

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chatterjee, S., Menezes, A., Ustaoglu, B. (2009). Reusing Static Keys in Key Agreement Protocols. In: Roy, B., Sendrier, N. (eds) Progress in Cryptology - INDOCRYPT 2009. INDOCRYPT 2009. Lecture Notes in Computer Science, vol 5922. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10628-6_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10628-6_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10627-9

  • Online ISBN: 978-3-642-10628-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics