Skip to main content
Springer Nature Link
Log in

A Generic Variant of NIST’s KAS2 Key Agreement Protocol

  • Conference paper
Information Security and Privacy (ACISP 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6812))

Included in the following conference series:

Abstract

We propose a generic three-pass key agreement protocol that is based on a certain kind of trapdoor one-way function family. When specialized to the RSA setting, the generic protocol yields the so-called KAS2 scheme that has recently been standardized by NIST. On the other hand, when specialized to the discrete log setting, we obtain a new protocol which we call DH2. An interesting feature of DH2 is that parties can use different groups (e.g., different elliptic curves). The generic protocol also has a hybrid implementation, where one party has an RSA key pair and the other party has a discrete log key pair. The security of KAS2 and DH2 is analyzed in an appropriate modification of the extended Canetti-Krawczyk security model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. ANSI X9.44, Public Key Cryptography for the Financial Services Industry: Key Establishment Using Integer Factorization Cryptography, American National Standards Institute (2007)

    Google Scholar 

  2. Bao, F., Deng, R., Zhu, H.: Variations of Diffie-Hellman problem. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 301–312. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  3. Boyd, C., Cliff, Y., Nieto, J., Paterson, K.: Efficient one-round key exchange in the standard model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  4. Boyd, C., Cliff, Y., Nieto, J., Paterson, K.: One-round key exchange in the standard model. International Journal of Applied Cryptography 1, 181–199 (2009)

    Article  MathSciNet  MATH  Google Scholar 

  5. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001), http://eprint.iacr.org/2001/040

    Chapter  Google Scholar 

  6. Chatterjee, S., Menezes, A., Ustaoglu, B.: Reusing static keys in key agreement protocols. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 39–56. Springer, Heidelberg (2009), http://www.cacr.math.uwaterloo.ca/techreports/2009/cacr2009-36.pdf

    Chapter  Google Scholar 

  7. Chatterjee, S., Menezes, A., Ustaoglu, B.: Combined security analysis of the one- and three-pass unified model key agreement protocols. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 49–68. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  8. Chatterjee, S., Menezes, A., Ustaoglu, B.: A generic variant of NIST’s KAS2 key agreement protocol, full version, Technical Report CACR 2011-09, http://www.cacr.math.uwaterloo.ca/techreports/2011/cacr2011-09.pdf

  9. FIPS 186-3, Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186-3, National Institute of Standards and Technology (2009)

    Google Scholar 

  10. Just, M., Vaudenay, S.: Authenticated multi-party key agreement. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 36–49. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  11. Kunz-Jacques, S., Pointcheval, D.: About the security of MTI/C0 and MQV. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 156–172. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  12. LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  13. Lauter, K., Mityagin, A.: Security analysis of KEA authenticated key exchange. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 378–394. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Matsumoto, T., Takashima, Y., Imai, H.: On seeking smart public-key distribution systems. The Transactions of the IECE of Japan E69, 99–106 (1986)

    Google Scholar 

  15. Okamoto, T., Pointcheval, D.: The gap-problem: a new class of problems for the security of cryptographic schemes. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104–118. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  16. SP 800-56A, Special Publication 800-56A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised), National Institute of Standards and Technology (March 2007)

    Google Scholar 

  17. SP 800-56B, Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography, National Institute of Standards and Technology (August 2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Indian Institute of Science, India

    Sanjit Chatterjee

  2. University of Waterloo, Canada

    Alfred Menezes

  3. Sabanci University, Turkey

    Berkant Ustaoglu

Authors
  1. Sanjit Chatterjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alfred Menezes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Berkant Ustaoglu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Software Engineering, The University of Melbourne, 3010, Victoria, Australia

    Udaya Parampalli

  2. Qualcomm Incorporated, Suite 301, Level 3, 77 King Street, NSW 2000, Sydney, Australia

    Philip Hawkes

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chatterjee, S., Menezes, A., Ustaoglu, B. (2011). A Generic Variant of NIST’s KAS2 Key Agreement Protocol. In: Parampalli, U., Hawkes, P. (eds) Information Security and Privacy. ACISP 2011. Lecture Notes in Computer Science, vol 6812. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22497-3_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-22497-3_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22496-6

  • Online ISBN: 978-3-642-22497-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics