Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
An optimal class of symmetric key generation systems
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
An identity-based key-exchange protocol
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Computerized patient information system in a psychiatric unit: five-year experience
Journal of Medical Systems
How to share a function securely
STOC '94 Proceedings of the twenty-sixth annual ACM symposium on Theory of computing
On the generation of cryptographically strong pseudorandom sequences
ACM Transactions on Computer Systems (TOCS)
Handbook of Applied Cryptography
Handbook of Applied Cryptography
An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
Key Distribution Systems Based on Identification Information
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
On the Existence of 3-Round Zero-Knowledge Protocols
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
SKEME: a versatile secure key exchange mechanism for Internet
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Domain-based administration of identity-based cryptosystems for secure email and IPSEC
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Identity-based key agreement protocols from pairings
International Journal of Information Security
An Identity-Based Key Agreement Protocol for the Network Layer
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Beyond secret handshakes: affiliation-hiding authenticated key exchange
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Security of two-party identity-based key agreement
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
A new two-party identity-based authenticated key agreement
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Practical affiliation-hiding authentication from improved polynomial interpolation
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Strongly secure one round authenticated key exchange protocol with perfect forward security
ProvSec'11 Proceedings of the 5th international conference on Provable security
Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
On forward secrecy in one-round key exchange
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
One-round identity-based key exchange with Perfect Forward Security
Information Processing Letters
Strongly secure authenticated key exchange from factoring, codes, and lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
OAKE: a new family of implicitly authenticated diffie-hellman protocols
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Deniability and forward secrecy of one-round authenticated key exchange
The Journal of Supercomputing
Hi-index | 0.00 |
This paper investigates the question of whether a key agreement protocol with the same communication complexity as the original Diffie-Hellman protocol (DHP) (two messages with a single group element per message), and similar low computational overhead, can achieve forward secrecy against active attackers in a provable way.We answer this question in the affirmative by resorting to an old and elegant key agreement protocol: the Okamoto-Tanaka protocol [22]. We analyze a variant of the protocol (denoted mOT) which achieves the above goal. Moreover, due to the identity-based properties of mOT, even the sending of certificates (typical for authenticated DHPs) can be avoided in the protocol. As additional contributions, we apply our analysis to prove the security of a recent multi-domain extension of the Okamoto-Tanaka protocol by Schridde et al. and show how to adapt mOT to the (non id-based) certificate-based setting.