New Security Results on Encrypted Key Exchange
- LBNL Library
Schemes for encrypted key exchange are designed to provide two entities communicating over a public network, and sharing a (short) password only, with a session key to be used to achieve data integrity and/or message confidentiality. An example of a very efficient and ''elegant'' scheme for encrypted key exchange considered for standardization by the IEEE P1363 Standard working group is AuthA. This scheme was conjectured secure when the symmetric-encryption primitive is instantiated via either a cipher that closely behaves like an ''ideal cipher,'' or a mask generation function that is the product of the message with a hash of the password. While the security of this scheme in the former case has been recently proven, the latter case was still an open problem. For the first time we prove in this paper that this scheme is secure under the assumptions that the hash function closely behaves like a random oracle and that the computational Diffie-Hellman problem is difficult. Furthermore, since Denial-of-Service (DoS) attacks have become a common threat we enhance AuthA with a mechanism to protect against them.
- Research Organization:
- Ernest Orlando Lawrence Berkeley National Laboratory, Berkeley, CA (US)
- Sponsoring Organization:
- USDOE Director. Office of Science. Computational and Technology Research (US)
- DOE Contract Number:
- AC03-76SF00098
- OSTI ID:
- 821760
- Report Number(s):
- LBNL--53099
- Country of Publication:
- United States
- Language:
- English
Similar Records
Provably Secure Password-based Authentication in TLS
Dynamic Group Diffie-Hellman Key Exchange under standard assumptions