On session key construction in provably-secure key establishment protocols

Authors:
Kim-Kwang Raymond Choo;Colin Boyd;Yvonne Hitchcock
Affiliations:
Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia;Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia;Information Security Institute, Queensland University of Technology, Brisbane, QLD, Australia
Venue:
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Year:
2005

Citing 13
Cited 16

Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case

STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract)

STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Timestamps in key distribution protocols

Communications of the ACM
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Entity Authentication and Authenticated Key Transport Protocols Employing Asymmetric Techniques

Proceedings of the 5th International Workshop on Security Protocols
Key Agreement Protocols and Their Security Analysis

Proceedings of the 6th IMA International Conference on Cryptography and Coding
The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes

PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Some attacks upon authenticated group key agreement protocols

Journal of Computer Security - Special issue on CSFW14
The importance of proofs of security for key establishment protocols

Computer Communications
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Protocols for Authentication and Key Establishment

Protocols for Authentication and Key Establishment
A new two-party identity-based authenticated key agreement

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology

On security proof of McCullagh Barreto's key agreement protocol and its variants

International Journal of Security and Networks
On the Security Analysis of Lee, Hwang & Lee (2004) and Song & Kim (2000) Key Exchange / Agreement Protocols

Informatica
An Integrative Framework to Protocol Analysis and Repair: Bellare-Rogaway Model + Planning + Model Checker

Informatica
An improved identity-based key agreement protocol and its security proof

Information Sciences: an International Journal
An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Research of the chinese CAPTCHA system based on AJAX

WSEAS Transactions on Circuits and Systems
Traceable privacy of recent provably-secure RFID protocols

ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
A secure and efficient three-pass authenticated key agreement protocol based on elliptic curves

NETWORKING'08 Proceedings of the 7th international IFIP-TC6 networking conference on AdHoc and sensor networks, wireless networks, next generation internet
Key establishment protocols using environmental and physiological data in wireless sensor networks

International Journal of Sensor Networks
Strongly secure identity-based authenticated key agreement protocols

Computers and Electrical Engineering
Modular security proofs for key agreement protocols

ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Errors in computational complexity proofs for protocols

ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Security of two-party identity-based key agreement

Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised)

SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised)
A provably secure authenticated key agreement protocol for wireless communications

Computers and Electrical Engineering
Strongly-secure identity-based key agreement and anonymous extension

ISC'07 Proceedings of the 10th international conference on Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We examine the role of session key construction in provably-secure key establishment protocols. We revisit an ID-based key establishment protocol due to Chen & Kudla (2003) and an ID-based protocol 2P-IDAKA due to McCullagh & Barreto (2005). Both protocols carry proofs of security in a weaker variant of the Bellare & Rogaway (1993) model where the adversary is not allowed to make any Reveal query. We advocate the importance of such a (Reveal) query as it captures the known-key security requirement. We then demonstrate that a small change to the way that session keys are constructed in both protocols results in these protocols being secure without restricting the adversary from asking the Reveal queries in most situations. We point out some errors in the existing proof for protocol 2P-IDAKA, and provide proof sketches for the improved Chen & Kudla’s protocol. We conclude with a brief discussion on ways to construct session keys in key establishment protocols.