On a Class of Key Agreement Protocols Which Cannot Be Unconditionally Secure

  • Frank Niedermeyer
  • Werner Schindler
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2576)


In [5] a new key agreement protocol called CHIMERA was introduced which was supposed to be unconditionally secure. In this paper an attack against CHIMERA is described which needs little memory and computational power and is successful almost with probability 1. The bug in the security proof in [5] is explained. Further, it is shown that a whole class of CHIMERA-like key agreement protocols cannot be unconditionally secure.


Key agreement protocol unconditional security CHIMERA 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    G. Brassard: Modern Cryptology: A Tutorial. Lecture Notes in Computer Science 325, Springer, New York (1988).zbMATHGoogle Scholar
  2. 2.
    U. Maurer: Secret Key Agreement by Public Discussion from Common Information. IEEE Transaction on Information Theory 39 (1993), 739–742.CrossRefMathSciNetGoogle Scholar
  3. 3.
    U. Maurer: Information Theoretic Cryptography. In: M. Wiener (ed.): Crypto’ 99. Lecture Notes in Computer Science 1666, Springer, Berlin (1999), 47–64.Google Scholar
  4. 4.
    A. J. Menezes, P. C. van Oorschot, S. C. Vanstone: Handbook of Applied Cryptography. CRC Press, Boca Raton (1987).Google Scholar
  5. 5.
    C. Prisette: Unconditionally Secure Key Agreement Protocol. In: B. Honary (ed.): Cryptography and Coding 2001. Lecture Notes in Computer Science 2260, Springer, Berlin (2001), 277–293.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Frank Niedermeyer
    • 1
  • Werner Schindler
    • 1
  1. 1.Bundesamt für Sicherheit in der Informationstechnik (BSI)BonnGermany

Personalised recommendations