Abstract
Data security in computer networks is becoming increasingly important because of the expanding role of distributed computation, distributed databases and telecommunication applications such as electronic mail and electronic funds transfer. For privacy, information that may be highly sensitive or privileged must be encrypted with secret keys shared by the communicating parties. These keys are generated by key agreement protocols. Traditionally such protocols were designed by trial and error. History has proven this method to be unreliable: many protocols were broken or serious flaws were exposed. In this paper we discuss the security aspects of key agreement protocols. In particular, we consider two models for provable security, one based on probabilistic encryption, the other on zero-knowledge. We propose a variant of the Diffie-Hellman key agreement protocol that is provably secure and efficient.
Copyright information
© 1996 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Alexandris, N., Burmester, M., Chrissikopoulos, V., Peppes, D. (1996). Efficient and provably secure key agreement. In: Katsikas, S.K., Gritzalis, D. (eds) Information Systems Security. SEC 1996. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-1-5041-2919-0_20
DOI: https://doi.org/10.1007/978-1-5041-2919-0_20
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2921-3
Online ISBN: 978-1-5041-2919-0