Generic Compilers for Authenticated Key Exchange

  • Tibor Jager
  • Florian Kohlar
  • Sven Schäge
  • Jörg Schwenk
Conference paper

DOI: 10.1007/978-3-642-17373-8_14

Part of the Lecture Notes in Computer Science book series (LNCS, volume 6477)
Cite this paper as:
Jager T., Kohlar F., Schäge S., Schwenk J. (2010) Generic Compilers for Authenticated Key Exchange. In: Abe M. (eds) Advances in Cryptology - ASIACRYPT 2010. ASIACRYPT 2010. Lecture Notes in Computer Science, vol 6477. Springer, Berlin, Heidelberg

Abstract

So far, all solutions proposed for authenticated key agreement combine key agreement and authentication into a single cryptographic protocol. However, in many important application scenarios, key agreement and entity authentication are clearly separated protocols. This fact enables efficient attacks on the naïve combination of these protocols. In this paper, we propose new compilers for two-party key agreement and authentication, which are provably secure in the standard Bellare-Rogaway model. The constructions are generic: key agreement is executed first and results (without intervention of the adversary) in a secret session key on both sides. This key (or a derived key) is handed over, together with a transcript of all key exchange messages, to the authentication protocol, where it is combined with the random challenge(s) exchanged during authentication.

Keywords

authenticated key agreement protocol compiler TLS 
Download to read the full conference paper text

Copyright information

© International Association for Cryptologic Research 2010

Authors and Affiliations

  • Tibor Jager
    • 1
  • Florian Kohlar
    • 1
  • Sven Schäge
    • 1
  • Jörg Schwenk
    • 1
  1. 1.Ruhr-University Bochum 

Personalised recommendations