On the cryptographic applications of random functions
Proceedings of CRYPTO 84 on Advances in cryptology
One-way functions are necessary and sufficient for secure signatures
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Universally composable two-party and multi-party secure computation
STOC '02 Proceedings of the thirty-fourth annual ACM symposium on Theory of computing
SIAM Journal on Computing
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Some definitions, protocols and proofs about secure authentication
CASCON '92 Proceedings of the 1992 conference of the Centre for Advanced Studies on Collaborative research - Volume 2
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Password based key exchange with mutual authentication
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Errors in computational complexity proofs for protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Deniable Authentication on the Internet
Information Security and Cryptology
The notion of an authenticator, proposed by Bellare et al., is to transform a protocol secure in the authenticated-link model into a new one secure in the unauthenticated-link model. This notion admits a modular design and analysis of cryptographic protocols and thus greatly simplifies the underlying tasks. However, all previous authenticators are constructed via a so-called MT-authenticator. This kind of authenticator authenticates each message independently. Thus, the round complexity of the resulting protocol is amplified by a multiplicative factor. In this paper, we propose two efficient authenticators which authenticate the protocol as a whole, so that the round complexity of the resulting protocol increases by at most a small additive number. We also construct a very efficient key exchange protocol. Our protocol is provably secure under general cryptographic assumptions (in particular, without a concrete hardness assumption such as DDH or RSA). Of independent interest, our security proof lies in the emulation-based ideal-real model, instead of the widely adopted (seemingly weaker) SK-security. To our knowledge, this is the first protocol of its kind. It is worth mentioning that all our constructions are obtained by improving the related protocols of Bellare et al. [1].