Paper 2014/797

Tightly-Secure Authenticated Key Exchange

Christoph Bader, Dennis Hofheinz, Tibor Jager, Eike Kiltz, and Yong Li

Abstract

We construct the first Authenticated Key Exchange (AKE) protocol whose security does not degrade with an increasing number of users or sessions. We describe a three-message protocol and prove security in an enhanced version of the classical Bellare-Rogaway security model. Our construction is modular, and can be instantiated efficiently from standard assumptions (such as the SXDH or DLIN assumptions in pairing-friendly groups). For instance, we provide an SXDH-based protocol whose communication complexity is only 14 group elements and 4 exponents (plus some bookkeeping information). Along the way we develop new, stronger security definitions for digital signatures and key encapsulation mechanisms. For instance, we introduce a security model for digital signatures that provides existential unforgeability under chosen-message attacks in a multi-user setting with adaptive corruptions of secret keys. We show how to construct efficient schemes that satisfy the new definitions with tight security proofs under standard assumptions.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in TCC 2015
Keywords
Authenticated key exchangetight security proofsdigital signature schemesGroth-Sahai proofs
Contact author(s)
christoph bader @ rub de
History
2015-01-12: revised
2014-10-10: received
See all versions
Short URL
https://ia.cr/2014/797
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/797,
      author = {Christoph Bader and Dennis Hofheinz and Tibor Jager and Eike Kiltz and Yong Li},
      title = {Tightly-Secure Authenticated Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2014/797},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/797}},
      url = {https://eprint.iacr.org/2014/797}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.