skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: New Security Results on Encrypted Key Exchange

Abstract

Schemes for encrypted key exchange are designed to provide two entities communicating over a public network, and sharing a (short) password only, with a session key to be used to achieve data integrity and/or message confidentiality. An example of a very efficient and ''elegant'' scheme for encrypted key exchange considered for standardization by the IEEE P1363 Standard working group is AuthA. This scheme was conjectured secure when the symmetric-encryption primitive is instantiated via either a cipher that closely behaves like an ''ideal cipher,'' or a mask generation function that is the product of the message with a hash of the password. While the security of this scheme in the former case has been recently proven, the latter case was still an open problem. For the first time we prove in this paper that this scheme is secure under the assumptions that the hash function closely behaves like a random oracle and that the computational Diffie-Hellman problem is difficult. Furthermore, since Denial-of-Service (DoS) attacks have become a common threat we enhance AuthA with a mechanism to protect against them.

Authors:
; ;
Publication Date:
Research Org.:
Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)
Sponsoring Org.:
USDOE Director. Office of Science. Computational and Technology Research (US)
OSTI Identifier:
821760
Report Number(s):
LBNL-53099
R&D Project: K52015; TRN: US200411%%710
DOE Contract Number:  
AC03-76SF00098
Resource Type:
Conference
Resource Relation:
Conference: International Workshop on Practice and Theory in Public Key Cryptographic (PKC), Singapore (SG), 03/01/2004--03/04/2004; Other Information: PBD: 15 Dec 2003
Country of Publication:
United States
Language:
English
Subject:
42 ENGINEERING; SECURITY; STANDARDIZATION; LAWRENCE BERKELEY LABORATORY

Citation Formats

Bresson, Emmanuel, Chevassut, Olivier, and Pointcheval, David. New Security Results on Encrypted Key Exchange. United States: N. p., 2003. Web.
Bresson, Emmanuel, Chevassut, Olivier, & Pointcheval, David. New Security Results on Encrypted Key Exchange. United States.
Bresson, Emmanuel, Chevassut, Olivier, and Pointcheval, David. 2003. "New Security Results on Encrypted Key Exchange". United States. https://www.osti.gov/servlets/purl/821760.
@article{osti_821760,
title = {New Security Results on Encrypted Key Exchange},
author = {Bresson, Emmanuel and Chevassut, Olivier and Pointcheval, David},
abstractNote = {Schemes for encrypted key exchange are designed to provide two entities communicating over a public network, and sharing a (short) password only, with a session key to be used to achieve data integrity and/or message confidentiality. An example of a very efficient and ''elegant'' scheme for encrypted key exchange considered for standardization by the IEEE P1363 Standard working group is AuthA. This scheme was conjectured secure when the symmetric-encryption primitive is instantiated via either a cipher that closely behaves like an ''ideal cipher,'' or a mask generation function that is the product of the message with a hash of the password. While the security of this scheme in the former case has been recently proven, the latter case was still an open problem. For the first time we prove in this paper that this scheme is secure under the assumptions that the hash function closely behaves like a random oracle and that the computational Diffie-Hellman problem is difficult. Furthermore, since Denial-of-Service (DoS) attacks have become a common threat we enhance AuthA with a mechanism to protect against them.},
doi = {},
url = {https://www.osti.gov/biblio/821760}, journal = {},
number = ,
volume = ,
place = {United States},
year = {Mon Dec 15 00:00:00 EST 2003},
month = {Mon Dec 15 00:00:00 EST 2003}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: