RSA-Based Secret Handshakes

  • Damien Vergnaud
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3969)


A secret handshake mechanism allows two entities, members of the same group, to authenticate each other secretly. This primitive was introduced recently by Balfanz, Durfee, Shankar, Smetters, Staddon and Wong and, so far, all the schemes proposed are based on discrete log systems. This paper proposes three new secret handshake protocols secure against active impersonator and detector adversaries. Inspired by two RSA-based key agreement protocols introduced by Okamoto and Tanaka in 1989 and Girault in 1991, our schemes are, in the random oracle model, provably secure against active adversaries under the assumption that the RSA problem is intractable.


Keywords: Random Oracle; Random Oracle Model; Public Parameter; Handshake Protocol; Group Authority
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.




References

  1. Balfanz, D., Durfee, G., Shankar, N., Smetters, D.K., Staddon, J., Wong, H.C.: Secret Handshakes from Pairing-Based Key Agreements. In: 2003 IEEE Symposium on Security and Privacy (S&P 2003), pp. 180–196. IEEE Computer Society, Los Alamitos (2003)
  2. Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: Proceedings of the First ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
  3. Blake-Wilson, S., Johnson, D., Menezes, A.: Key Agreement Protocols and their Security Analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)
  4. Canetti, R., Goldreich, O., Halevi, S.: The Random Oracle Methodology, Revisited. J. Assoc. Comput. Mach. 51(4), 557–594 (2004)
  5. Castelluccia, C., Jarecki, S., Tsudik, G.: Secret Handshakes from CA-Oblivious Encryption. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 293–307. Springer, Heidelberg (2004)
  6. Coron, J.-S.: On the Exact Security of Full Domain Hash. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 229–235. Springer, Heidelberg (2000)
  7. Desmedt, Y.: Securing Traceability of Ciphertexts - Towards a Secure Software Key Escrow System. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 147–157. Springer, Heidelberg (1995)
  8. Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and Authenticated Key Exchanges. Des. Codes Cryptography 2(2), 107–125 (1992)
  9. Girault, M.: Self-Certified Public Keys. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 490–497. Springer, Heidelberg (1991)
  10. Jakobsson, M., Sako, K., Impagliazzo, R.: Designated Verifier Proofs and Their Applications. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 143–154. Springer, Heidelberg (1996)
  11. Mambo, M., Shizuya, H.: A Note on the Complexity of Breaking Okamoto-Tanaka ID-Based Key Exchange Scheme. In: Imai, H., Zheng, Y. (eds.) PKC 1998. LNCS, vol. 1431, pp. 258–262. Springer, Heidelberg (1998)
  12. Miller, V.S.: The Weil Pairing, and Its Efficient Calculation. J. Cryptology 17(4), 235–261 (2004)
  13. Naor, M.: On Cryptographic Assumptions and Challenges. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 96–109. Springer, Heidelberg (2003)
  14. Nielsen, J.B.: Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 111–126. Springer, Heidelberg (2002)
  15. Oh, S.-H., Mambo, M., Shizuya, H., Won, D.-H.: On the Security of Girault Key Agreement Protocols against Active Attacks. IEICE Trans. Fundamentals E86-A(5), 1181–1189 (2003)
  16. Okamoto, E., Tanaka, K.: Key Distribution System Based on Identification Information. IEEE J. Selected Areas in Communications 7, 481–485 (1989)
  17. Rosser, J., Schoenfeld, L.: Approximate formulas for some functions of prime numbers. Ill. J. Math. 6, 64–94 (1962)
  18. Saeednia, S.: A Note on Girault’s Self-Certified Model. Inf. Process. Lett. 86(3), 323–327 (2003)
  19. Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems Based on Pairings. In: Proceedings of the Symposium on Cryptography and Information Security (SCIS 2000) (2000)
  20. Shamir, A.: Identity-Based Cryptosystems and Signature Schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
  21. Shoup, V.: OAEP Reconsidered. J. Cryptology 15(4), 223–249 (2002)
  22. Xu, S., Yung, M.: k-Anonymous Secret Handshakes with Reusable Credentials. In: Atluri, V., Pfitzmann, B., McDaniel, P. (eds.) Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 158–167. ACM, New York (2004)

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Damien Vergnaud (1)
  1. Laboratoire de Mathématiques Nicolas Oresme, Université de Caen, Caen, France
