Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS
Designs, Codes and Cryptography
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Strongly Secure Authenticated Key Exchange without NAXOS' Approach
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
An eCK-Secure Authenticated Key Exchange Protocol without Random Oracles
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman Protocols
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Security proofs for signature schemes
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
Authenticated key exchange and key encapsulation in the standard model
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
A new security model for authenticated key agreement
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Modeling and analyzing security in the presence of compromising adversaries
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A secure and efficient authenticated Diffie-Hellman protocol
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Designing efficient authenticated key exchange resilient to leakage of ephemeral secret keys
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Security analysis of KEA authenticated key exchange protocol
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
A complementary analysis of the (s)YZ and DIKE protocols
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Strongly authenticated key exchange protocol from bilinear groups without random oracles
ProvSec'12 Proceedings of the 6th international conference on Provable Security
Hi-index | 0.00 |
SMQV authenticated key exchange scheme was stated to be secure against leakage of intermediate computations, i.e., secure in the seCK model. However, in this paper, we show errors in the security proof of SMQV. The found errors proceed from a failure in a simulation of leakage of intermediate computations. Moreover, we identify flaws in the security proofs of the underlying building tools of both SMQV and FHMQV, showing that both SMQV and FHMQV are not proven secure even in the traditional CK model. Then, we consider the cause of difficulty to prove security in the seCK model and classify previous Diffie-Hellman type authenticated key exchange schemes in the sense of achievable security levels. As a result, unfortunately, known schemes fall into hard to prove or insecure. Accordingly, we suggest that Diffie-Hellman type schemes provably secure in the seCK model are hard (or highly subtle) to achieve. Therefore, this paper clarifies the technical limitations (or high subtleties) of Diffie-Hellman type schemes for achieving provable security in the seCK model against leakage of intermediate computations.