How to construct random functions
Journal of the ACM (JACM)
Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
HMQV: a high-performance secure Diffie-Hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Tag-KEM/DEM: a new framework for hybrid encryption and a new analysis of Kurosawa-Desmedt KEM
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Comparing the Pre- and Post-specified Peer Models for Key Agreement
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Efficient One-Round Key Exchange in the Standard Model
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Constructing Strong KEM from Weak KEM (or How to Revive the KEM/DEM Framework)
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Comparing the pre- and post-specified peer models for key agreement
International Journal of Applied Cryptography
A Framework for Authenticated Key Exchange in the Standard Model
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
A New Strongly Secure Authenticated Key Exchange Protocol
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Improved efficiency of Kiltz07-KEM
Information Processing Letters
Strongly Secure Authenticated Key Exchange without NAXOS' Approach
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman Protocols
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Strong designated verifier signature in a multi-user setting
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Provably secure authenticated key exchange protocol under the CDH assumption
Journal of Systems and Software
International Journal of Applied Cryptography
Security enhancement and modular treatment towards authenticated key exchange
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Designing efficient authenticated key exchange resilient to leakage of ephemeral secret keys
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Round-optimal password-based authenticated key exchange
TCC'11 Proceedings of the 8th conference on Theory of cryptography
ProvSec'11 Proceedings of the 5th international conference on Provable security
Provably secure three-party password-based authenticated key exchange protocol
Information Sciences: an International Journal
Characterization of strongly secure authenticated key exchanges without NAXOS technique
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
Authenticated key exchange under bad randomness
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
Comments on the SM2 key exchange protocol
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Security analysis and enhancement for three-party password-based authenticated key exchange protocol
Security and Communication Networks
Strongly secure authenticated key exchange from factoring, codes, and lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Sufficient condition for ephemeral key-leakage resilient tripartite key exchange
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Strongly authenticated key exchange protocol from bilinear groups without random oracles
ProvSec'12 Proceedings of the 6th international conference on Provable Security
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Security weaknesses of a signature scheme and authenticated key agreement protocols
Information Processing Letters
This paper introduces a new paradigm to realize various types of cryptographic primitives, such as authenticated key exchange and key encapsulation, in the standard model under three standard assumptions: the decisional Diffie-Hellman (DDH) assumption, target collision resistant (TCR) hash functions and pseudo-random functions (PRFs). We propose the first (PKI-based) two-pass authenticated key exchange (AKE) protocol that is comparable in efficiency to the most efficient existing protocols such as MQV and that is secure in the standard model (under these standard assumptions), whereas the existing efficient two-pass AKE protocols such as HMQV, NAXOS and CMQV are secure in the random oracle model. Our protocol is shown to be secure under the (currently) strongest security definition, the extended Canetti-Krawczyk (eCK) security definition introduced by LaMacchia, Lauter and Mityagin. This paper also proposes a CCA-secure key encapsulation mechanism (KEM) under these assumptions, which is almost as efficient as the Kurosawa-Desmedt KEM. This scheme is also secure under a stronger security notion, chosen public-key and ciphertext attack (CPCA) security. The schemes proposed in this paper are redundancy-free (or validity-check-free), which implies that combining them with redundancy-free symmetric encryption (DEM) will yield redundancy-free (e.g., MAC-free) CCA-secure hybrid encryption.