Okamoto-Tanaka revisited: fully authenticated diffie-hellman with minimal overhead

Authors:
Rosario Gennaro;Hugo Krawczyk;Tal Rabin
Affiliations:
IBM T.J. Watson Research Center, Hawthorne, New York;IBM T.J. Watson Research Center, Hawthorne, New York;IBM T.J. Watson Research Center, Hawthorne, New York
Venue:
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Year:
2010

Citing 20
Cited 8

Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
An optimal class of symmetric key generation systems

Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
An identity-based key-exchange protocol

EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Computerized patient information system in a psychiatric unit: five-year experience

Journal of Medical Systems
How to share a function securely

STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
On the generation of cryptographically strong pseudorandom sequences

ACM Transactions on Computer Systems (TOCS)
Handbook of Applied Cryptography

Handbook of Applied Cryptography
An Efficient Protocol for Authenticated Key Agreement

Designs, Codes and Cryptography
Key Distribution Systems Based on Identification Information

CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
On the Existence of 3-Round Zero-Knowledge Protocols

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
SKEME: a versatile secure key exchange mechanism for Internet

SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Domain-based administration of identity-based cryptosystems for secure email and IPSEC

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Identity-based key agreement protocols from pairings

International Journal of Information Security
An Identity-Based Key Agreement Protocol for the Network Layer

SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Beyond secret handshakes: affiliation-hiding authenticated key exchange

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Security of two-party identity-based key agreement

Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
A new two-party identity-based authenticated key agreement

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
HMQV: a high-performance secure diffie-hellman protocol

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology

Practical affiliation-hiding authentication from improved polynomial interpolation

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Strongly secure one round authenticated key exchange protocol with perfect forward security

ProvSec'11 Proceedings of the 5th international conference on Provable security
From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again

Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
On forward secrecy in one-round key exchange

IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
One-round identity-based key exchange with Perfect Forward Security

Information Processing Letters
Strongly secure authenticated key exchange from factoring, codes, and lattices

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
OAKE: a new family of implicitly authenticated diffie-hellman protocols

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Deniability and forward secrecy of one-round authenticated key exchange

The Journal of Supercomputing

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper investigates the question of whether a key agreement protocol with the same communication complexity as the original Diffie-Hellman protocol (DHP) (two messages with a single group element per message), and similar low computational overhead, can achieve forward secrecy against active attackers in a provable way.We answer this question in the affirmative by resorting to an old and elegant key agreement protocol: the Okamoto-Tanaka protocol [22]. We analyze a variant of the protocol (denoted mOT) which achieves the above goal. Moreover, due to the identity-based properties of mOT, even the sending of certificates (typical for authenticated DHPs) can be avoided in the protocol. As additional contributions, we apply our analysis to prove the security of a recent multi-domain extension of the Okamoto-Tanaka protocol by Schridde et al. and show how to adapt mOT to the (non id-based) certificate-based setting.