Abstract
This paper proposes new protocols for two goals: authenticated key agreement and authenticated key agreement with key confirmation in the asymmetric (public-key) setting. A formal model of distributed computing is provided, and a definition of the goals within this model supplied. The protocols proposed are then proven correct within this framework in the random oracle model. We emphasize the relevance of these theoretical results to the security of systems used in practice. Practical implementation of the protocols is discussed. Such implementations are currently under consideration for standardization [2, 3, 18].
The author is an EPSRC CASE student sponsored by Racal Airtech. Work performed while a visiting student at Auburn University funded by the Fulbright Commission.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
N. Alexandris, M. Burmester, V. Chrissikopoulos, and D. Peppes, “Key agreement protocols: two efficient models for provable security”, Proc. IFIP SEC '96, 227–236.
ANSI X9.42-1996, Agreement of Symmetric Algorithm Keys Using Diffie-Hellman, September 1996, working draft.
ANSI X9.63-1997, Elliptic Curve Key Agreement and Key Transport Protocols, October 1997, working draft.
M. Bellare, R. Canetti, and H. Krawczyk, “Keying hash functions for message authentication”, Crypto '96, 1–15.
M. Bellare, J. Kilian, and P. Rogaway, “The security of cipher block chaining”, Crypto '94, 341–358.
M. Bellare and P. Rogaway, “Entity authentication and key distribution”, Crypto '93, 232–249. A full version of this paper is available at http://www-cse.ucsd.edu/users/mihir
M. Bellare and P. Rogaway, “Random oracles are practical: a paradigm for designing efficient protocols”, 1st ACM Conference on Computer and Communications Security, 1993, 62–73.
M. Bellare and P. Rogaway, “Optimal asymmetric encryption”, Eurocrypt '94, 92–111.
M. Bellare and P. Rogaway, “Provably secure session key distribution—the three party case”, Proc. 27th ACM Symp. Theory of Computing, 1995, 57–66.
M. Bellare and P. Rogaway, “The exact security of digital signatures-how to sign with RSA and Rabin”, Eurocrypt '96, 399–416.
M. Bellare and P. Rogaway, “Minimizing the use of random oracles in authenticated encryption schemes”, Proceedings of PKS'97, 1997.
R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, and M. Yung, “Systematic design of two-party authentication protocols”, Crypto '91, 44–61.
S. Blake-Wilson and A.J. Menezes, “Entity authentication and authenticated key transport protocols employing asymmetric techniques”, to appear in Security Protocols Workshop '97, 1997.
S. Blake-Wilson, D. Johnson, and A.J. Menezes, “Key agreement protocols and their security analysis”, full version of the current paper, available from the first author, 1997.
D. Boneh and R. Venkatesan, “Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes”, Crypto '96, 129–142.
M. Burmester, “On the risk of opening distributed keys”, Crypto '94, 308–317.
W. Diffie, P.C. van Oorschot, and M.J. Wiener, “Authentication and authenticated key exchanges”, Designs, Codes, and Cryptography, 2 (1992), 107–125.
IEEE P1363, Standard for Public-Key Cryptography, July 1997, working draft.
T. Matsumoto, Y. Takashima, and H. Imai, “On seeking smart public-key-distribution systems”, The Transactions of the IECE of Japan, E69 (1986), 99–106.
U.M. Maurer and S. Wolf, “Diffie-Hellman oracles”, Crypto '96, 268–282.
A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, Chapter 12, CRC Press, 1996.
J.H. Moore, “Protocol failure in cryptosystems”, in Contemporary Cryptology: the Science of Information Integrity, G.J. Simmons, editor, IEEE Press, 1992, 541–558.
D. Pointcheval and J. Stern, “Security proofs for signature schemes”, Eurocrypt '96, 387–398.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1997 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blake-Wilson, S., Johnson, D., Menezes, A. (1997). Key agreement protocols and their security analysis. In: Darnell, M. (eds) Crytography and Coding. Cryptography and Coding 1997. Lecture Notes in Computer Science, vol 1355. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0024447
Download citation
DOI: https://doi.org/10.1007/BFb0024447
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63927-5
Online ISBN: 978-3-540-69668-1
eBook Packages: Springer Book Archive