Credential Authenticated Identification and Key Exchange

  • Jan Camenisch
  • Nathalie Casati
  • Thomas Gross
  • Victor Shoup
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6223)

Abstract

This paper initiates a study of two-party identification and key-exchange protocols in which users authenticate themselves by proving possession of credentials satisfying arbitrary policies, instead of using the more traditional mechanism of a public-key infrastructure. Definitions in the universal composability framework are given, and practical protocols satisfying these definitions, for policies of practical interest, are presented. All protocols are analyzed in the common reference string model, assuming adaptive corruptions with erasures, and no random oracles. The new security notion includes password-authenticated key exchange as a special case, and new, practical protocols for this problem are presented as well, including the first such protocol that provides resilience against server compromise (without random oracles).

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Jan Camenisch (1)
  • Nathalie Casati (1)
  • Thomas Gross (1)
  • Victor Shoup (2)
  1. IBM Research, work funded by the European Community’s Seventh Framework Programme (FP7/2007-2013) under grant agreement no. 216483
  2. NYU, work done while visiting IBM Research, supported by NSF grant CNS-0716690