Skip to main content
SpringerLink
Log in

Leakage Resilient Authenticated Key Exchange Secure in the Auxiliary Input Model

  • Conference paper
Information Security Practice and Experience (ISPEC 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7863))

Abstract

Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been proposed recently in the bounded leakage model. In this paper, we initiate the study on leakage resilient AKE in the auxiliary input model. A promising way to construct such a protocol is to use a digital signature scheme that is entropically-unforgeable under chosen message and auxiliary input attacks. However, to date we are not aware of any digital signature scheme that can satisfy this requirement. On the other hand, we show that in the random oracle model, it is sufficient to use a digital signature scheme that is secure under random message and auxiliary input attacks in order to build a secure AKE protocol in the auxiliary input model, while the existence of such a digital signature scheme has already been proven. We will also give a comparison between the existing public-key encryption based and digital signature based leakage resilient AKE protocols. We show that the latter can provide a higher level of security than the former.

This work is supported by the ARC Future Fellowship (FT0991397).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A.D., Reingold, O.: Just fast keying: Key agreement in a hostile Internet. ACM Trans. Inf. Syst. Secur. 7(2), 242–273 (2004)

    Article  Google Scholar 

  2. Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  3. Alwen, J., Dodis, Y., Wichs, D.: Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 36–54. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  4. Bellare, M., Canetti, R., Krawczyk, H.: Modular approach to the design and analysis of key exchange protocols. In: ACM STOC 1998, pp. 419–428 (1998)

    Google Scholar 

  5. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  6. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  7. Bellare, M., Rogaway, P.: Provably secure session key distribution — the three party case. In: ACM STOC 1995, pp. 57–66 (1995)

    Google Scholar 

  8. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM CCS 1993, pp. 62–73 (1993)

    Google Scholar 

  9. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  10. Boyd, C., Cliff, Y., Gonzalez Nieto, J.M., Paterson, K.G.: Efficient one-round key exchange in the standard model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008), http://eprint.iacr.org/2008/007

    Chapter  Google Scholar 

  11. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001), http://eprint.iacr.org/2001/040/

    Chapter  Google Scholar 

  12. Canetti, R., Krawczyk, H.: Security analysis of IKE’s signature-based key-exchange protocol. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 143–161. Springer, Heidelberg (2002), http://eprint.iacr.org/2002/120/

    Chapter  Google Scholar 

  13. Di Crescenzo, G., Lipton, R.J., Walfish, S.: Perfectly secure password protocols in the bounded retrieval model. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 225–244. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Dodis, Y., Goldwasser, S., Tauman Kalai, Y., Peikert, C., Vaikuntanathan, V.: Public-key encryption schemes with auxiliary inputs. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 361–381. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Efficient public-key cryptography in the presence of key leakage. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 613–631. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  16. Dodis, Y., Tauman Kalai, Y., Lovett, S.: On cryptography with auxiliary input. In: ACM STOC 2009, pp. 621–630 (2009)

    Google Scholar 

  17. Dziembowski, S.: Intrusion-resilience via the bounded-storage model. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 207–224. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  18. Faust, S., Hazay, C., Nielsen, J.B., Nordholt, P.S., Zottarel, A.: Signature schemes secure against hard-to-invert leakage. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 98–115. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  19. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  20. Entity authentication mechanisms - Part 3: Entity authentication using asymmetric techniques. ISO/IEC IS 9798-3 (1993)

    Google Scholar 

  21. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  22. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  23. Krawczyk, H.: SIGMA: The ‘SIGn-and-MAc’ Approach to Authenticated Diffie-Hellman and Its Use in the IKE Protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400–425. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  24. LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  25. Moriyama, D., Okamoto, T.: Leakage resilient eCK-secure key exchange protocol without random oracles. In: ACM ASIACCS 2011, pp. 441–447 (2011)

    Google Scholar 

  26. Naor, M., Segev, G.: Public-key cryptosystems resilient to key leakage. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  27. Okamoto, T.: Authenticated key exchange and key encapsulation in the standard model. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 474–484. Springer, Heidelberg (2007), Full paper available at http://eprint.iacr.org/2007/473

    Chapter  Google Scholar 

  28. Yang, G., Duan, S., Wong, D.S., Tan, C.H., Wang, H.: Authenticated key exchange under bad randomness. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 113–126. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  29. Yang, G., Wong, D.S., Wang, H., Deng, X.: Two-factor mutual authentication based on smart cards and passwords. J. Comput. Syst. Sci. 74(7), 1160–1172 (2008)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Computer and Information Security Research School of Computer Science and Software Engineering, University of Wollongong, Australia

    Guomin Yang, Yi Mu & Willy Susilo

  2. Department of Computer Science, City University of Hong Kong, Hong Kong

    Duncan S. Wong

Authors
  1. Guomin Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yi Mu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Willy Susilo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Duncan S. Wong
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Systems, Singapore Management University, 178902, Singapore, Singapore

    Robert H. Deng

  2. School of Computer and Communication, University of technology, 730050, Lanzhou, China

    Tao Feng

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yang, G., Mu, Y., Susilo, W., Wong, D.S. (2013). Leakage Resilient Authenticated Key Exchange Secure in the Auxiliary Input Model. In: Deng, R.H., Feng, T. (eds) Information Security Practice and Experience. ISPEC 2013. Lecture Notes in Computer Science, vol 7863. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38033-4_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38033-4_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38032-7

  • Online ISBN: 978-3-642-38033-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation