Provably authenticated group Diffie-Hellman key exchange
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS
Designs, Codes and Cryptography
Comparing the Pre- and Post-specified Peer Models for Key Agreement
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Efficient One-Round Key Exchange in the Standard Model
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols
CAV '08 Proceedings of the 20th international conference on Computer Aided Verification
Proceedings of the 15th ACM conference on Computer and communications security
Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman Protocols
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
Authenticated key exchange and key encapsulation in the standard model
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Modeling and analyzing security in the presence of compromising adversaries
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Examining indistinguishability-based proof models for key establishment protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Security analysis of KEA authenticated key exchange protocol
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
| Hi-index | 0.00 |
In the paper, 'stronger security of authenticated key exchange' (LaMacchia et al., 2006, 2007), a new security model for authenticated key exchange protocols (eCK) is proposed. The new model is suggested to be at least as strong as previous models for key exchange protocols, such as the CK model (Canetti and Krawczyk, 2001; Krawczyk, 2005). The model includes a new notion of an EphemeralKeyReveal adversary query, which is claimed in e.g., LaMacchia et al. (2006), Okamoto (2007), and Ustaoglu (2008), to be at least as strong as the Session-StateReveal query. We investigate the relation between the two models by focusing on the difference in adversary queries. We formally model the NAXOS protocol and a variant of the eCK model, called eCK', in which the EphemeralKeyReveal query is replaced by the Session-StateReveal query. Using Scyther, a formal protocol analysis tool, we automatically find attacks on the protocol, showing that the protocol is insecure in the eCK' model. Our attacks prove that the Session-StateReveal query is stronger than the EphemeralKeyReveal query and that the eCK security model is incomparable to the CK model, disproving several claims made in the literature.