Skip to main content
SpringerLink
Log in
Book cover

IMA International Conference on Cryptography and Coding

IMACC 2011: Cryptography and Coding pp 451–468Cite as

On Forward Secrecy in One-Round Key Exchange

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7089))

Abstract

Most one-round key exchange protocols provide only weak forward secrecy at best. Furthermore, one-round protocols with strong forward secrecy often break badly when faced with an adversary who can obtain ephemeral keys. We provide a characterisation of how strong forward secrecy can be achieved in one-round key exchange. Moreover, we show that protocols exist which provide strong forward secrecy and remain secure with weak forward secrecy even when the adversary is allowed to obtain ephemeral keys. We provide a compiler to achieve this for any existing secure protocol with weak forward secrecy.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols. In: 30th ACM Symposium on Theory of Computing, pp. 419–428. ACM Press (1998), http://www-cse.ucsd.edu/users/mihir/papers/key-distribution.html

  2. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  3. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994), http://www-cse.ucsd.edu/users/mihir

    Chapter  Google Scholar 

  4. Bellare, M., Rogaway, P.: Provably secure session key distribution – the three party case. In: 27th ACM Symposium on Theory of Computing, pp. 57–66. ACM Press (1995)

    Google Scholar 

  5. Boyd, C., Cliff, Y., Gonzalez Nieto, J.M., Paterson, K.G.: Efficient One-Round Key Exchange in the Standard Model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 69–83. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  6. Canetti, R., Krawczyk, H.: Analysis of Key-exchange Protocols and their use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001), http://eprint.iacr.org/2001/040/

    Chapter  Google Scholar 

  7. Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. Chatterjee, S., Menezes, A., Ustaoglu, B.: Reusing Static Keys in Key Agreement Protocols. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol. 5922, pp. 39–56. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  9. Chow, S.S.M., Choo, K.-K.R.: Strongly-Secure Identity-Based Key Agreement and Anonymous Extension. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 203–220. Springer, Heidelberg (2007), http://eprint.iacr.org/2007/018

    Chapter  Google Scholar 

  10. Cremers, C., Feltz, M.: One-round strongly secure key exchange with perfect forward secrecy and deniability. Cryptology ePrint Archive, Report 2011/300 (2011), http://eprint.iacr.org/

  11. Cremers, C.J.F.: Formally and practically relating the CK, CK-HMQV, and eCK security models for authenticated key exchange. Cryptology ePrint Archive, Report 2009/253 (2009), http://eprint.iacr.org/

  12. Dent, A.W.: A note on game-hopping proofs. Cryptology ePrint Archive, Report 2006/260 (2006), http://eprint.iacr.org/2006/260/

  13. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)

    Article  MATH  MathSciNet  Google Scholar 

  14. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchange. Designs, Codes and Cryptography 2, 107–125 (1992)

    Article  MathSciNet  Google Scholar 

  15. Gennaro, R., Krawczyk, H., Rabin, T.: Okamoto-Tanaka Revisited: Fully Authenticated Diffie-Hellman with Minimal Overhead. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 309–328. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  16. Jeong, I.R., Katz, J., Lee, D.-H.: One-round Protocols for Two-party Authenticated Key Exchange. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 220–232. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  17. Krawczyk, H.: HMQV: A High-Performance Secure Diffie–Hellman Protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546–566. Springer, Heidelberg (2005), http://eprint.iacr.org/2005/176/

    Chapter  Google Scholar 

  18. LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger Security of Authenticated Key Exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  19. Menezes, A., Ustaoglu, B.: Comparing the pre- and post-specified peer models for key agreement. IJACT 1(3), 236–250 (2009)

    Article  MATH  MathSciNet  Google Scholar 

  20. Okamoto, E.: Key Distribution Systems Based on Identification Information. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 194–202. Springer, Heidelberg (1988)

    Google Scholar 

  21. Okamoto, E., Tanaka, K.: Key distribution system based on identification information. IEEE Journal on Selected Areas in Communications 7(4), 481–485 (1989)

    Article  Google Scholar 

  22. Okamoto, T., Pointcheval, D.: The Gap-problems: a New Class of Problems for the Security of Cryptographic Schemes. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104–118. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  23. Sarr, A.P., Elbaz-Vincent, P., Bajard, J.-C.: A new security model for authenticated key agreement. Cryptology ePrint Archive, Report 2010/237 (2010), http://eprint.iacr.org/

  24. Shoup, V.: On formal models for secure key exchange (November 1999), http://www.shoup.net

  25. Ustaoglu, B.: Comparing SessionStateReveal and EphemeralKeyReveal for Diffie–Hellman Protocols. In: Pieprzyk, J., Zhang, F. (eds.) ProvSec 2009. LNCS, vol. 5848, pp. 183–197. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  26. Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Des. Codes Cryptography 46(3), 329–342 (2008)

    Article  MATH  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Institute, Queensland University of Technology, Brisbane, Australia

    Colin Boyd & Juan González Nieto

Authors
  1. Colin Boyd
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Juan González Nieto
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hewlett-Packard Laboratories, UK

    Liqun Chen

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Boyd, C., Nieto, J.G. (2011). On Forward Secrecy in One-Round Key Exchange. In: Chen, L. (eds) Cryptography and Coding. IMACC 2011. Lecture Notes in Computer Science, vol 7089. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25516-8_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25516-8_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25515-1

  • Online ISBN: 978-3-642-25516-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation