Please use this identifier to cite or link to this item:
Title: Efficient key exchange with tight security reduction
Authors: Wu, Jiang
Ustaoğlu, Berkant
Keywords: Cryptographic protocols
Authenticated key exchange
Publisher: International Association for Cryptologic Research
Source: Wu, J., and Ustaoğlu, B. (2009). Efficient key exchange with tight security reduction. Cryptology ePrint Archive, Report 2009/288.
Abstract: In this paper, we propose two authenticated key exchange (AKE) protocols, SMEN and SMEN−, which have efficient online computation and tight security proof in the extended Canetti-Krawczyk (eCK) model. SMEN takes 1.25 exponentiations in online computation, close to that (1.17 exponentiations) of the most efficient AKEs MQV and its variants HMQV and CMQV. SMEN has a security reduction as tight as that of NAXOS, which is the first AKE having a tight security reduction in the eCK model. As a comparison, MQV does not have a security proof; both HMQV and CMQV have a highly non-tight security reduction, and HMQV needs a non-standard assumption; NAXOS takes 2.17 exponentiations in online computation; NETS, a NAXOS variant, takes two online exponentiations in online computation. SMEN simultaneously achieves online efficiency and a tight security proof at a cost of 0.17 more exponentiations in offline computation and the restriction that one party is not allowed to establish a key with itself. SMEN− takes 1.29 exponentiations in online computation, but SMEN− does not use the static private key to compute the ephemeral public key (as does in SMEN, NAXOS, CMQV, and NETS), and hence reduces the risk of leaking the static private key.
Appears in Collections:Mathematics / Matematik

Files in This Item:
File Description SizeFormat 
4785.pdfMakale221.44 kBAdobe PDFThumbnail
Show full item record

CORE Recommender

Page view(s)

checked on Apr 15, 2024


checked on Apr 15, 2024

Google ScholarTM


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.