OSTI.GOV U.S. Department of Energy
Office of Scientific and Technical Information

Title: Provably-Secure Authenticated Group Diffie-Hellman Key Exchange

Abstract

Authenticated key exchange protocols allow two participants A and B, communicating over a public network and each holding an authentication means, to exchange a shared secret value. Methods designed to deal with this cryptographic problem ensure A (resp. B) that no other participants aside from B (resp. A) can learn any information about the agreed value, and often also ensure A and B that their respective partner has actually computed this value. A natural extension to this cryptographic method is to consider a pool of participants exchanging a shared secret value and to provide a formal treatment for it. Starting from the famous 2-party Diffie-Hellman (DH) key exchange protocol, and from its authenticated variants, security experts have extended it to the multi-party setting for over a decade and completed a formal analysis in the framework of modern cryptography in the past few years. The present paper synthesizes this body of work on the provably-secure authenticated group DH key exchange.

Authors:
Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David
Publication Date:
Research Org.:
COLLABORATION - DCSSI CryptoLaboratory/France
Sponsoring Org.:
USDOE
OSTI Identifier:
928999
Report Number(s):
LBNL-54708
R&D Project: KL0501; BnR: YN0100000; TRN: US200812%%421
DOE Contract Number:
DE-AC02-05CH11231
Resource Type:
Journal Article
Resource Relation:
Journal Name: ACM Transactions on Information and System Security Journal (TISSEC); Journal Volume: 10; Journal Issue: 3; Related Information: Journal Publication Date: July 2007
Country of Publication:
United States
Language:
English
Subject:
54; SECRECY PROTECTION; SECURITY; COMPUTER NETWORKS

Citation Formats

Bresson, Emmanuel, Chevassut, Olivier, and Pointcheval, David. Provably-Secure Authenticated Group Diffie-Hellman Key Exchange. United States: N. p., 2007. Web.
Bresson, Emmanuel, Chevassut, Olivier, & Pointcheval, David. Provably-Secure Authenticated Group Diffie-Hellman Key Exchange. United States.
Bresson, Emmanuel, Chevassut, Olivier, and Pointcheval, David. "Provably-Secure Authenticated Group Diffie-Hellman Key Exchange". United States. https://www.osti.gov/servlets/purl/928999.
@article{osti_928999,
title = {Provably-Secure Authenticated Group Diffie-Hellman Key Exchange},
author = {Bresson, Emmanuel and Chevassut, Olivier and Pointcheval, David},
abstractNote = {Authenticated key exchange protocols allow two participants A and B, communicating over a public network and each holding an authentication means, to exchange a shared secret value. Methods designed to deal with this cryptographic problem ensure A (resp. B) that no other participants aside from B (resp. A) can learn any information about the agreed value, and often also ensure A and B that their respective partner has actually computed this value. A natural extension to this cryptographic method is to consider a pool of participants exchanging a shared secret value and to provide a formal treatment for it. Starting from the famous 2-party Diffie-Hellman (DH) key exchange protocol, and from its authenticated variants, security experts have extended it to the multi-party setting for over a decade and completed a formal analysis in the framework of modern cryptography in the past few years. The present paper synthesizes this body of work on the provably-secure authenticated group DH key exchange.},
doi = {},
journal = {ACM Transactions on Information and System Security Journal (TISSEC)},
number = 3,
volume = 10,
place = {United States},
year = {2007},
month = {Jan}
}
  • Dynamic group Diffie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to work in a scenario in which the group membership is not known in advance but where parties may join and may also leave the multicast group at any given time. While several schemes have been proposed to deal with this scenario, no formal treatment for this cryptographic problem has ever been suggested. In this paper, we define a security model for this problem and use it to precisely define Authenticated Key Exchange (AKE) with "implicit" authentication as the fundamental goal, and the entity-authentication goal as well. We then define in this model the execution of a protocol modified from a dynamic group Diffie-Hellman scheme offered in the literature and prove its security.
  • Authenticated two-party Diffie-Hellman key exchange allows two principals A and B, communicating over a public network, and each holding a pair of matching public/private keys to agree on a session key. Protocols designed to deal with this problem ensure A (B resp.) that no other principals aside from B (A resp.) can learn any information about this value. These protocols additionally often ensure A and B that their respective partner has actually computed the shared secret value. A natural extension to the above cryptographic protocol problem is to consider a pool of principals agreeing on a session key. Over the years several papers have extended the two-party Diffie-Hellman key exchange to the multi-party setting but no formal treatments were carried out till recently. In light of recent developments in the formalization of the authenticated two-party Diffie-Hellman key exchange we have in this thesis laid out the authenticated group Diffie-Hellman key exchange on firmer foundations.
  • The IEEE 802 standards ease the deployment of networking infrastructures and enable employers to access corporate networks while traveling. These standards provide two modes of communication called infrastructure and ad-hoc modes. A security solution for the IEEE 802.11's infrastructure mode took several years to reach maturity and firmware are still being upgraded, yet a solution for the ad-hoc mode needs to be specified. The present paper is a first attempt in this direction. It leverages the latest developments in the area of password-based authentication and (group) Diffie-Hellman key exchange to develop a provably-secure key-exchange protocol for IEEE 802.11's ad-hoc mode. The protocol allows users to securely join and leave the wireless group at time, accommodates either a single-shared password or pairwise-shared passwords among the group members, or at least with a central server; achieves security against dictionary attacks in the ideal-hash model (i.e. random-oracles). This is, to the best of our knowledge, the first such protocol to appear in the cryptographic literature.
  • The Internet has evolved into a very hostile ecosystem where "phishing" attacks are common practice. This paper shows that the three-party group Diffie-Hellman key exchange can help protect against these attacks. We have developed a suite of password-based cipher suites for the Transport Layer Security (TLS) protocol that are not only provably secure but also assumed to be free from patent and licensing restrictions based on an analysis of relevant patents in the area.