Article

Provably secure mobile key exchange: applying the Canetti-Krawczyk approach

Authors:

Yiu Shing Terry Tin,

Juan Manuel González NietoAuthors Info & Claims

ACISP'03: Proceedings of the 8th Australasian conference on Information security and privacy

Pages 166 - 179

Published: 09 July 2003 Publication History

Abstract

Practical use of the Canetti and Krawczyk approach to development of proven secure key exchange protocols is explored. The suite of protocols that can be developed using existing building blocks is discussed. An additional building block is provided by proving a new protocol secure in the ideal model of the approach. In the application area of wireless protocols it is shown that the best existing protocols can be matched with versions carrying security proofs. We conclude that building a library of building blocks will allow protocols with proven security to become the norm rather than the exception.

References

[1]

Mihir Bellare, Ran Canetti, and Hugo Krawczyk. A modular approach to the design and analysis of authentication and key exchange protocols. In Proceedings of the 30th Annual Symposium on the Theory of Computing, ACM, pages 412-428, 1998. Full version at http://www-cse.ucsd.edu/users/mihir/papers/modular.pdf.

Digital Library

[2]

Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In First ACM Conference on Computer and Communications Security, pages 62-73, 1993.

Digital Library

[3]

Mihir Bellare and Phillip Rogaway. Entity authentication and key distribution. In Advances in Cryptology - Crypto 1993, volume 773 of LNCS, pages 232-249. Springer-Verlag, 1994. Full version at http://www-cse.ucsd.edu/users/mihir/papers/eakd.pdf.

Digital Library

[4]

Mihir Bellare and Phillip Rogaway. Provably secure session key distribution - the three party case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, pages 57-66, May 1995.

Digital Library

[5]

Simon Blake-Wilson and Alfred Menezes. Unknown key-share attacks on the station-to-station (sts) protocol. In Public Key Cryptography 1999, volume 1560 of LNCS, pages 154-170. Springer-Verlag, 1999.

Digital Library

[6]

C. Boyd and D.-G. Park. Public key protocols for wireless communications. The 1998 International Conference on Information Security and Cryptology (ICISC '98), pages 47-57, 1998. Seoul, Korea.

[7]

Ran Canetti and Hugo Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Advances in Cryptology - Eurocrypt 2001, volume 2045 of LNCS, pages 453-474. Springer-Verlag, 2001. Full version at http://eprint.iacr.org/2001/040.ps.

Digital Library

[8]

W. Diffie and M. Hellman. New direction in cryptography. IEEE Transactions on Information Theory, 22:644-654, 1976.

Digital Library

[9]

W. Diffie, P.C. van Oorschot, and M.J. Wiener. Authentication and authenticated key exchanges. Designs, Codes and Cryptography, 2:107-125, 1992.

Digital Library

[10]

Günther Horn, Keith M. Martin, and Chris J. Mitchell. Authentication protocols for mobile network environment value-added services. IEEE Transactions on Vechicular Technology, 51(2):383-392, 2002.

[11]

Günther Horn and Bart Preneel. Authentication and payment in future mobile systems. In European Symposium on Research in Computer Security (ESORICS), volume 1485 of LNCS, pages 277-293. Springer-Verlag, 1998.

Digital Library

[12]

Markus Jakobsson and David Pointcheval. Mutual authentication for low-power mobile devices. In Proceedings of Financial Cryptography 2001, volume 2339 of LNCS, pages 178-195. Springer-Verlag, 2001.

Digital Library

[13]

Tatsuaki Okamoto and David Pointcheval. The gap-problems: a new class of problems for the security of cryptographic schemes. In Public Key Cryptography 2001, volume 1992 of LNCS, pages 104-118. Springer-Verlag, February 2001.

Digital Library

[14]

D.-G. Park, M.-N. Oh, and M. Looi. A fraud detection method and its application to third generation wireless systems. In Proceedings of Globecom 98, pages 1984- 1989, 1998.

[15]

Claus P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology 4, pages 161-174, 1991.

[16]

Victor Shoup. On formal models for secure key exchange. Research Report RZ 3120, IBM Zurich Research Lab, 1999. Version 4 of 1999 revision of IBM Research Report RZ 3120 at http://www.shoup.net/papers/skey.pdf.

[17]

Duncan S. Wong and Agnes H. Chan. Efficient and mutually authenticated key exchange for low power computing devices. In Advances in Cryptology - Asiacrypt 2001, volume 2248 of LNCS, pages 272-289. Springer-Verlag, 2001.

Digital Library

Cited By

Bicakci KCrispo BOligeri G(2013)LAKEACM Transactions on Internet Technology10.1145/2542214.254221613:2(1-27)Online publication date: 1-Dec-2013
https://dl.acm.org/doi/10.1145/2542214.2542216
Lauter KMityagin A(2006)Security analysis of KEA authenticated key exchange protocolProceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography10.1007/11745853_25(378-394)Online publication date: 24-Apr-2006
https://dl.acm.org/doi/10.1007/11745853_25
Kudla CPaterson K(2005)Modular security proofs for key agreement protocolsProceedings of the 11th international conference on Theory and Application of Cryptology and Information Security10.1007/11593447_30(549-565)Online publication date: 4-Dec-2005
https://dl.acm.org/doi/10.1007/11593447_30
Show More Cited By

Recommendations

Efficient and provably secure generic construction of three-party password-based authenticated key exchange protocols
INDOCRYPT'06: Proceedings of the 7th international conference on Cryptology in India

Three-party password-based authenticated key exchange (3-party PAKE) protocols make two communication parties establish a shared session key with the help of a trusted server, with which each of the two parties shares a predetermined password. Recently, ...
Witness-Authenticated Key Exchange
Provably secure three-party password-based authenticated key exchange protocol

A three-party password-based authenticated key exchange (3PAKE) protocol is a useful mechanism to establish a secure session key in a network. However, most current 3PAKE protocols only achieve ''heuristic'' security; the underlying hardness assumptions ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

ACISP'03: Proceedings of the 8th Australasian conference on Information security and privacy

July 2003

533 pages

ISBN:3540405151

Editors:
Rei Safavi-Naini
University of Wollongong, School of Information Technology and Computer Science, Wollongong, NSW, Australia
,
Jennifer Seberry
University of Wollongong, School of Information Technology and Computer Science, Wollongong, NSW, Australia

Sponsors

School of Information Technology and Computer Science of the University of Wollongong
Australian Computer Society, Smart Internet Technology Cooperative Research Centre

In-Cooperation

IEEE-CS Task Force on Information Assurance

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 09 July 2003

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Bicakci KCrispo BOligeri G(2013)LAKEACM Transactions on Internet Technology10.1145/2542214.254221613:2(1-27)Online publication date: 1-Dec-2013
https://dl.acm.org/doi/10.1145/2542214.2542216
Lauter KMityagin A(2006)Security analysis of KEA authenticated key exchange protocolProceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography10.1007/11745853_25(378-394)Online publication date: 24-Apr-2006
https://dl.acm.org/doi/10.1007/11745853_25
Kudla CPaterson K(2005)Modular security proofs for key agreement protocolsProceedings of the 11th international conference on Theory and Application of Cryptology and Information Security10.1007/11593447_30(549-565)Online publication date: 4-Dec-2005
https://dl.acm.org/doi/10.1007/11593447_30
Hitchcock YBoyd CNieto J(2004)Tripartite key exchange in the canetti-krawczyk proof modelProceedings of the 5th international conference on Cryptology in India10.1007/978-3-540-30556-9_3(17-32)Online publication date: 20-Dec-2004
https://dl.acm.org/doi/10.1007/978-3-540-30556-9_3
Boyd C(2004)Design of secure key establishment protocolsProceedings of the 5th international conference on Cryptology in India10.1007/978-3-540-30556-9_1(1-13)Online publication date: 20-Dec-2004
https://dl.acm.org/doi/10.1007/978-3-540-30556-9_1

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents