Reusing static keys in key agreement protocols

Chatterjee, Sanjit; Menezes, Alfred; Ustaoğlu, Berkant

View/Open

Conference Paper (285.9Kb)

Date

2009

Author

Chatterjee, Sanjit

Menezes, Alfred

Ustaoğlu, Berkant

Metadata

Show full item record

Abstract

Contrary to conventional cryptographic wisdom, the NIST SP 800-56A standard explicitly allows the use of a static key pair in more than one of the key establishment protocols described in the standard. In this paper, we give examples of key establishment protocols that are individually secure, but which are insecure when static key pairs are reused in two of the protocols. We also propose an enhancement of the extended Canetti-Krawczyk security model and definition for the situation where static public keys are reused in two or more key agreement protocols. © 2009 Springer-Verlag.

URI

http://doi.org/10.1007/978-3-642-10628-6_3
http://hdl.handle.net/11147/4774

Collections

Mathematics / Matematik [528]
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection [3276]
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection [2953]