Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
ACM Transactions on Computer Systems (TOCS)
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Strand spaces: proving security protocols correct
Journal of Computer Security
A key distribution protocol using event markers
ACM Transactions on Computer Systems (TOCS)
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Flaws in Applying Proof Methodologies to Signature Schemes
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Provably secure key exchange: an engineering approach
ACSW Frontiers '03 Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003 - Volume 21
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
A cryptographically sound security proof of the Needham-Schroeder-Lowe public-key protocol
IEEE Journal on Selected Areas in Communications
Partnership in key exchange protocols
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
The importance of proofs of security for key establishment protocols
Computer Communications
3-party approach for fast handover in EAP-based wireless networks
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Traceable privacy of recent provably-secure RFID protocols
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Analysis of Handover Key Management schemes under IETF perspective
Computer Standards & Interfaces
Secure three-party key distribution protocol for fast network access in EAP-based wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Composition theorems without pre-established session identifiers
Proceedings of the 18th ACM conference on Computer and communications security
On the security of the canetti-krawczyk model
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
A framework for robust group key agreement
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
| Hi-index | 0.00 |
We observe that the definitions of security in the computational complexity proof models of Bellare & Rogaway (1993) and Canetti & Krawczyk (2001) require two partners in the presence of a malicious adversary to accept the same session key, which we term a key sharing requirement. We then revisit the Bellare–Rogaway three-party key distribution (3PKD) protocol and the Jeong–Katz–Lee two-party authenticated key exchange protocol $\mathcal{TS}2$, which carry claimed proofs of security in the Canetti & Krawczyk (2001) model and the Bellare & Rogaway (1993) model respectively. We reveal previously unpublished flaws in these protocols where we demonstrate that both protocols fail to satisfy the definition of security in the respective models. We present a new 3PKD protocol as an improvement with a proof of security in the Canetti & Krawczyk (2001) model and a simple fix to the specification of protocol $\mathcal{TS}2$. We also identify several variants of the key sharing requirement and present a brief discussion.