An Extension to Bellare and Rogaway (1993) Model: Resetting Compromised Long-Term Keys

  • Colin Boyd
  • Kim-Kwang Raymond Choo
  • Anish Mathuria
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4058)


A security proof in the Bellare–Rogaway model and the random oracle model is provided for a protocol closely based on one originally proposed by Boyd (1996), which enjoys some remarkable efficiency properties. The model is extended so that it can detect a known weakness of the protocol that cannot be captured in the original model. An alternative protocol is proposed, provably secure in the extended model and the random oracle model, and offering the same efficiency features as the original protocol. Moreover, our alternative protocol provides key confirmation and forward secrecy. It also allows session keys to be renewed in subsequent sessions without the server’s further involvement, even in the event that the long-term key or the earlier session key has been compromised.


Keywords: Encryption Scheme, Random Oracle, Security Parameter, Security Proof, Random Oracle Model




  1. Bellare, M., Namprempre, C.: Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)
  2. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
  3. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
  4. Boyd, C.: A Class of Flexible and Efficient Key Management Protocols. In: CSFW 1996, pp. 2–8. IEEE Computer Society Press, Los Alamitos (1996)
  5. Boyd, C., Choo, K.-K.R., Mathuria, A.: An Extension to Bellare and Rogaway (1993) Model: Resetting Compromised Long-Term Keys. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 371–382. Springer, Heidelberg (2006) (Full version)
  6. Crispo, B., Popescu, B.C., Tanenbaum, A.S.: Symmetric Key Authentication Services Revisited. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 248–261. Springer, Heidelberg (2004)
  7. Goldreich, O., Lindell, Y.: Session-Key Generation Using Human Passwords Only. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 408–432. Springer, Heidelberg (2001) (Updated Version)
  8. Gong, L.: Using One-Way Functions for Authentication. ACM SIGCOMM Computer Communications Review 8(11), 8–11 (1989)
  9. Gong, L.: Lower Bounds on Messages and Rounds for Network Authentication Protocols. In: ACM CCS 1993, pp. 26–37. ACM Press, New York (1993)

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Colin Boyd (1)
  • Kim-Kwang Raymond Choo (1)
  • Anish Mathuria (2)
  1. Information Security Institute, Queensland University of Technology, Brisbane, Australia
  2. Dhirubhai Ambani Institute of Information and Communication Technology, Gandhinagar, India
