Strongly Secure Key Exchange Protocol with Minimal KEM

  • Baoping Tian
  • Fushan Wei
  • Chuangui Ma
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9065)


In this paper, we give a generic construction of two-pass authenticated key exchange (AKE) protocol from key encapsulation mechanism (KEM). Our construction is provably secure without random oracles in the CK  +  model which is stronger than CK model and eCK model. Compared with similar KEM-based AKE protocols, our generic construction achieves CK  +  security with the minimal KEM (namely, one CCA-secure KEM and one CPA-secure KEM).


pubic key cryptography KEM twisted PRF CK  +  model standard model 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Law, L., et al.: An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography 28(2), 119–134 (2003)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Krawczyk, H.: HMQV: A high-performance secure diffie-hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  3. 3.
    LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  4. 4.
    Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H) MQV and NAXOS. Designs, Codes and Cryptography 46(3), 329–342 (2008)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Dent, A.W.: Adapting the weaknesses of the random oracle model to the generic group model. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 100–109. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Boyd, C., Cliff, Y., Gonzalez Nieto, J.M., Paterson, K.G.: Efficient One-Round Key Exchange in the Standard Model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  7. 7.
    Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Fujioka, A., Suzuki, K., Xagawa, K., Yoneyama, K.: Strongly secure authenticated key exchange from factoring, codes, and lattices. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 467–484. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  9. 9.
    Kurosawa, K., Furukawa, J.: 2-Pass Key Exchange Protocols from CPA-Secure KEM. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 385–401. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  10. 10.
    Kurosawa, K., Phong, L.T.: Kurosawa-Desmedt Key Encapsulation Mechanism, Revisited. In: IACR Cryptology ePrint Archive 2013, p. 765 (2013),
  11. 11.
    Fujioka, A., et al.: Strongly Secure Authenticated Key Exchange from Factoring, Codes, and Lattices. In: IACR Cryptology ePrint Archive 2012, p. 211 (2012),
  12. 12.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  13. 13.
    Cremers, C.J.: Formally and Practically Relating the CK, CK-HMQV, and eCK Security Models for Authenticated Key Exchange. In: IACR Cryptology ePrint Archive, p. 253 (2009)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Baoping Tian
    • 1
  • Fushan Wei
    • 1
  • Chuangui Ma
    • 1
  1. 1.State Key Laboratory of Mathematical Engineering and Advanced ComputingZhengzhou Information Science and Technology InstituteZhengzhouChina

Personalised recommendations