Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
An unknown key-share attack on the MQV key agreement protocol
ACM Transactions on Information and System Security (TISSEC)
Handbook of Applied Cryptography
Handbook of Applied Cryptography
An Efficient Protocol for Authenticated Key Agreement
Designs, Codes and Cryptography
The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Authenticated Diffie-Hellman Key Agreement Protocols
SAC '98 Proceedings of the Selected Areas in Cryptography
Security Analysis of IKE's Signature-Based Key-Exchange Protocol
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
On the Existence of 3-Round Zero-Knowledge Protocols
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Key Agreement Protocols and Their Security Analysis
Proceedings of the 6th IMA International Conference on Cryptography and Coding
The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes
PKC '01 Proceedings of the 4th International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Towards Practical Public Key Systems Secure Against Chosen Ciphertext Attacks
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
SKEME: a versatile secure key exchange mechanism for Internet
SNDSS '96 Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96)
Protocols for Key Establishment and Authentication
Protocols for Key Establishment and Authentication
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Lower bounds for discrete logarithms and related problems
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Efficient and non-malleable proofs of plaintext knowledge and applications
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Secure off-the-record messaging
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Information Sciences: an International Journal
Provable data possession at untrusted stores
Proceedings of the 14th ACM conference on Computer and communications security
Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS
Designs, Codes and Cryptography
Securing group key exchange against strong corruptions
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Security arguments for the UM key agreement protocol in the NIST SP 800-56A standard
Proceedings of the 2008 ACM symposium on Information, computer and communications security
ID-based one-pass authenticated key establishment
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Constant-Round Authenticated Group Key Exchange with Logarithmic Computation Complexity
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
A Provably Secure One-Pass Two-Party Key Establishment Protocol
Information Security and Cryptology
Comparing the Pre- and Post-specified Peer Models for Key Agreement
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Efficient One-Round Key Exchange in the Standard Model
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Securing group key exchange against strong corruptions and key registration attacks
International Journal of Applied Cryptography
An improved identity-based key agreement protocol and its security proof
Information Sciences: an International Journal
One-round key exchange in the standard model
International Journal of Applied Cryptography
Comparing the pre- and post-specified peer models for key agreement
International Journal of Applied Cryptography
Modeling Key Compromise Impersonation Attacks on Group Key Exchange Protocols
Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
A Framework for Authenticated Key Exchange in the Standard Model
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
A New Strongly Secure Authenticated Key Exchange Protocol
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Password-Authenticated Group Key Agreement with Adaptive Security and Contributiveness
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Towards Denial-of-Service-Resilient Key Agreement Protocols
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Proceedings of the 16th ACM conference on Computer and communications security
Strongly Secure Authenticated Key Exchange without NAXOS' Approach
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
An eCK-Secure Authenticated Key Exchange Protocol without Random Oracles
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
Comparing SessionStateReveal and EphemeralKeyReveal for Diffie-Hellman Protocols
ProvSec '09 Proceedings of the 3rd International Conference on Provable Security
HPAKE: Password Authentication Secure against Cross-Site User Impersonation
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Fully Robust Tree-Diffie-Hellman Group Key Exchange
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
A Study of Two-Party Certificateless Authenticated Key-Agreement Protocols
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Efficient Constructions of Signcryption Schemes and Signcryption Composability
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
An efficient fault-tolerant group key agreement protocol
Computer Communications
(Password) authenticated key establishment: from 2-party to group
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Stronger security of authenticated key exchange
ProvSec'07 Proceedings of the 1st international conference on Provable security
Authenticated key exchange and key encapsulation in the standard model
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
On the connection between signcryption and one-pass key establishment
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Security analysis of the authentication modules of Chinese WLAN standard and its implementation plan
NPC'07 Proceedings of the 2007 IFIP international conference on Network and parallel computing
A secure and efficient three-pass authenticated key agreement protocol based on elliptic curves
NETWORKING'08 Proceedings of the 7th international IFIP-TC6 networking conference on AdHoc and sensor networks, wireless networks, next generation internet
An insider-resistant group key exchange protocol without signatures
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Channel-based unidirectional stream protocol (CUSP)
INFOCOM'10 Proceedings of the 29th conference on Information communications
Strong designated verifier signature in a multi-user setting
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Provably secure authenticated key exchange protocol under the CDH assumption
Journal of Systems and Software
A security weakness in Abdalla et al.'s generic construction of a group key exchange protocol
Information Sciences: an International Journal
Modeling leakage of ephemeral secrets in tripartite/group key exchange
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
A new security model for authenticated key agreement
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Modeling and analyzing security in the presence of compromising adversaries
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Okamoto-Tanaka revisited: fully authenticated diffie-hellman with minimal overhead
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Deniable internet key exchange
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Certificateless public key encryption: A new generic construction and two pairing-free schemes
Theoretical Computer Science
International Journal of Applied Cryptography
On reusing ephemeral keys in Diffie-Hellman key agreement protocols
International Journal of Applied Cryptography
Pairing'10 Proceedings of the 4th international conference on Pairing-based cryptography
Remote data checking using provable data possession
ACM Transactions on Information and System Security (TISSEC)
Designing efficient authenticated key exchange resilient to leakage of ephemeral secret keys
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
One-pass HMQV and asymmetric key-wrapping
PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Strongly secure certificateless key exchange without pairing
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Strongly secure identity-based authenticated key agreement protocols
Computers and Electrical Engineering
Identity-based key exchange protocols without pairings
Transactions on computational science X
J-PAKE: authenticated key exchange without PKI
Transactions on computational science XI
Extended KCI attack against two-party key establishment protocols
Information Processing Letters
Highly-efficient universally-composable commitments based on the DDH assumption
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Analysis and improvement of an authenticated key exchange protocol
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
Key exchange in IPsec revisited: formal analysis of IKEv1 and IKEv2
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
ProvSec'11 Proceedings of the 5th international conference on Provable security
TMQV: a strongly eCK-secure Diffie-Hellman protocol without gap assumption
ProvSec'11 Proceedings of the 5th international conference on Provable security
Strongly secure one round authenticated key exchange protocol with perfect forward security
ProvSec'11 Proceedings of the 5th international conference on Provable security
Modeling key compromise impersonation attacks on group key exchange protocols
ACM Transactions on Information and System Security (TISSEC)
Provably secure three-party password-based authenticated key exchange protocol
Information Sciences: an International Journal
Characterization of strongly secure authenticated key exchanges without NAXOS technique
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
On the importance of public-key validation in the MQV and HMQV key agreement protocols
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Errors in computational complexity proofs for protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Security of two-party identity-based key agreement
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
HMQV: a high-performance secure diffie-hellman protocol
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On robust key agreement based on public key authentication
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
About the security of MTI/C0 and MQV
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
A new key exchange protocol based on MQV assuming public computations
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Security analysis of KEA authenticated key exchange protocol
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
The cramer-shoup encryption scheme is plaintext aware in the standard model
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
A diffie-hellman key exchange protocol without random oracles
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Making the diffie-hellman protocol identity-based
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Cryptanalysis of a group key transfer protocol based on secret sharing
FGIT'11 Proceedings of the Third international conference on Future Generation Information Technology
A framework for practical universally composable zero-knowledge protocols
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Authenticated key exchange under bad randomness
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
On forward secrecy in one-round key exchange
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Comments on the SM2 key exchange protocol
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Security analysis and enhancement for three-party password-based authenticated key exchange protocol
Security and Communication Networks
Computationally-Fair group and identity-based key-exchange
TAMC'12 Proceedings of the 9th Annual international conference on Theory and Applications of Models of Computation
Strongly secure authenticated key exchange from factoring, codes, and lattices
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Security analysis of a multi-factor authenticated key exchange protocol
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
A complementary analysis of the (s)YZ and DIKE protocols
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Sufficient condition for ephemeral key-leakage resilient tripartite key exchange
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Strongly-secure identity-based key agreement and anonymous extension
ISC'07 Proceedings of the 10th international conference on Information Security
Authenticated key exchange with entities from different settings and varied groups
ProvSec'12 Proceedings of the 6th international conference on Provable Security
Anonymity and one-way authentication in key exchange protocols
Designs, Codes and Cryptography
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
OAKE: a new family of implicitly authenticated diffie-hellman protocols
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Improved group off-the-record messaging
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Exposure-resilient one-round tripartite key exchange without random oracles
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Journal of Medical Systems
Deniability and forward secrecy of one-round authenticated key exchange
The Journal of Supercomputing
| Hi-index | 0.00 |
The MQV protocol of Law, Menezes, Qu, Solinas and Vanstone is possibly the most efficient of all known authenticated Diffie-Hellman protocols that use public-key authentication. In addition to great performance, the protocol has been designed to achieve a remarkable list of security properties. As a result MQV has been widely standardized, and has recently been chosen by the NSA as the key exchange mechanism underlying “the next generation cryptography to protect US government information”. One question that has not been settled so far is whether the protocol can be proven secure in a rigorous model of key-exchange security. In order to provide an answer to this question we analyze the MQV protocol in the Canetti-Krawczyk model of key exchange. Unfortunately, we show that MQV fails to a variety of attacks in this model that invalidate its basic security as well as many of its stated security goals. On the basis of these findings, we present HMQV, a carefully designed variant of MQV, that provides the same superb performance and functionality of the original protocol but for which all the MQV's security goals can be formally proved to hold in the random oracle model under the computational Diffie-Hellman assumption. We base the design and proof of HMQV on a new form of “challenge-response signatures”, derived from the Schnorr identification scheme, that have the property that both the challenger and signer can compute the same signature; the former by having chosen the challenge and the latter by knowing the private signature key.