An authenticated Diffie-Hellman key agreement protocol secure against active attacks

  • Shouichi Hirose
  • Susumu Yoshida
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1431)


A two-party authenticated Diffie-Hellman key agreement protocol is proposed. The protocol is practical and provably secure against passive eavesdropping, impersonation, interference, active eavesdropping and pretense in the random oracle model on the assumptions that the Diffie-Hellman problem is intractable and that the secret pieces of information of users are selected at random and independently of each other. All of these attacks are assumed to be known-key attacks. The security against passive eavesdropping is proved on the assumption that the attacker knows the secret pieces of information of the participants. As an application of the proposed protocol, a star-based conference key distribution protocol is also designed.


Keywords: Discrete Logarithm; Discrete Logarithm Problem; Random Oracle Model; Attack Phase; Passive Eavesdrop
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Shouichi Hirose (1)
  • Susumu Yoshida (1)
  1. Department of Electronics and Communication, Graduate School of Engineering, Kyoto University, Kyoto, Japan
