Chapter

Advances in Cryptology - ASIACRYPT 2003

Volume 2894 of the series Lecture Notes in Computer Science pp 155-172

Leakage-Resilient Authenticated Key Establishment Protocols

  • SeongHan ShinAffiliated withInstitute of Industrial Science, The University of Tokyo
  • , Kazukuni KobaraAffiliated withInstitute of Industrial Science, The University of Tokyo
  • , Hideki ImaiAffiliated withInstitute of Industrial Science, The University of Tokyo

Abstract

Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review AKE protocols from a little bit different point of view, i.e. the relationship between information a client needs to possess (for authentication) and immunity to the respective leakage of stored secrets from a client side and a server side. Since the information leakage would be more conceivable than breaking down the underlying cryptosystems, it is desirable to enhance the immunity to the leakage. First and foremost, we categorize AKE protocols according to how much resilience against the leakage can be provided. Then, we propose new AKE protocols that have immunity to the leakage of stored secrets from a client and a server (or servers), respectively. And we extend our protocols to be possible for updating secret values registered in server(s) or password remembered by a client.