Abstract
This paper introduces a new paradigm for realizing various cryptographic primitives, such as authenticated key exchange and key encapsulation, in the standard model under three standard assumptions: the decisional Diffie-Hellman (DDH) assumption, target collision resistant (TCR) hash functions and pseudo-random functions (PRFs). We propose the first (PKI-based) two-pass authenticated key exchange (AKE) protocol that is comparable in efficiency to the most efficient existing protocols such as MQV and that is secure in the standard model (under these standard assumptions), whereas the existing efficient two-pass AKE protocols such as HMQV, NAXOS and CMQV are secure only in the random oracle model. Our protocol is shown to be secure under the (currently) strongest security definition, the extended Canetti-Krawczyk (eCK) security definition introduced by LaMacchia, Lauter and Mityagin. This paper also proposes a CCA-secure key encapsulation mechanism (KEM) under the same assumptions, which is almost as efficient as the Kurosawa-Desmedt KEM. This scheme is also secure under a stronger security notion, chosen public-key and ciphertext attack (CPCA) security. The proposed schemes are redundancy-free (or validity-check-free); the implication is that combining them with a redundancy-free symmetric encryption scheme (DEM) yields redundancy-free (e.g., MAC-free) CCA-secure hybrid encryption.
Keywords
- Hash Function
- Random Oracle Model
- Decryption Oracle
- Adaptive Chosen Ciphertext Attack
- Hash Function Family
References
Abe, M., Gennaro, R., Kurosawa, K., Shoup, V.: Tag-KEM/DEM: A New Framework for Hybrid Encryption and New Analysis of Kurosawa-Desmedt KEM. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 128–146. Springer, Heidelberg (2005)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, Springer, Heidelberg (2001), http://eprint.iacr.org/2001/040
Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM Journal on Computing 33(1), 167–226 (2003)
Goldreich, O., Goldwasser, S., Micali, S.: How to Construct Random Functions. Journal of the ACM 33(4), 792–807 (1986)
Hastad, J., Impagliazzo, R., Levin, L., Luby, M.: A Pseudorandom Generator from any One-way Function. SIAM Journal on Computing, 28(4), 1364–1396 (1999)
Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, Springer, Heidelberg (2005), http://eprint.iacr.org/2005/176
Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)
LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange, Cryptology ePrint Archive, Report, 2006/073 (2006), http://eprint.iacr.org/2006/073
Law, L., Menezes, A., Qu, M., Solinas, J., Vanstone, S.: An efficient protocol for authenticated key agreement. Designs, Codes and Cryptography 28, 119–134 (2003)
Menezes, A.: Another look at HMQV. Journal of Mathematical Cryptology 1, 148–175 (2007)
Matsumoto, T., Takashima, Y., Imai, H.: On Seeking Smart Public-key Distribution Systems. Transactions of the IECE of Japan E69, 99–106 (1986)
Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing, pp. 33–43. ACM Press, New York (1989)
Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, pp. 387–394. ACM Press, New York (1990)
Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Cryptology ePrint Archive, Report 2007/123 (2007), http://eprint.iacr.org/2007/123
© 2007 Springer-Verlag Berlin Heidelberg
Cite this paper
Okamoto, T. (2007). Authenticated Key Exchange and Key Encapsulation in the Standard Model. In: Kurosawa, K. (eds) Advances in Cryptology – ASIACRYPT 2007. ASIACRYPT 2007. Lecture Notes in Computer Science, vol 4833. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76900-2_29
DOI: https://doi.org/10.1007/978-3-540-76900-2_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76899-9
Online ISBN: 978-3-540-76900-2