Entity Authentication and Key Distribution

  • Mihir Bellare
  • Phillip Rogaway
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 773)

Abstract

We provide the first formal treatment of entity authentication and authenticated key distribution appropriate to the distributed environment. Addressed in detail are the problems of mutual authentication and authenticated key exchange for the symmetric, two-party setting. For each we present a definition, protocol, and proof that the protocol meets its goal, assuming only the existence of a pseudorandom function.

Keywords

Authentication Protocol, Mutual Authentication, Security Parameter, Pseudorandom Function, Entity Authentication
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  • Mihir Bellare (1)
  • Phillip Rogaway (2)
  1. High Performance Computing and Communications, IBM T.J. Watson Research Center, Yorktown Heights, USA
  2. PS LAN System Design, IBM Personal Software Products, Austin, USA
