Paper 2005/455

Enhancing CK-Model for Key Compromise Impersonation Resilience and Identity-based Key Exchange

Robert W. Zhu, Xiaojian Tian, and Duncan S. Wong

Abstract

In 2001, Canetti and Krawczyk proposed a security model (CK-model) for authentication protocols. They also gave an indistinguishability-based definition for key exchange protocols. Since then the model has almost exclusively been used for analyzing key exchange protocols, although it can be applied to authentication protocols in general. The model not only captures a large class of attacks but also provides a modular approach to the design of authentication protocols. However, the model does not capture the property of Key Compromise Impersonation (KCI) Resilience. Until now, analysis concerning this property has mostly been done heuristically and restricted to key exchange protocols only. Previous attempts on formalizing KCI have mostly been done in some ad hoc manner and additional proofs have to be given, specifically for the security of KCI resilience. In this paper, we propose an extension to the CK-model, which allows, for the first time, the KCI attacks to be considered in authentication protocols in general, rather than restricted to key exchange protocols, and no more additional proofs are required specifically for KCI security. With the revival of interest in identity-based (ID-based) cryptography, there have been many new ID-based key exchange protocols proposed. Despite the fact that some of them have been proven in some restricted versions of a model proposed by Bellare and Rogaway in 1993 and some others have been proven in the original CK-model, there is no rigorous model specifically for ID-based key exchange security. In particular, forward secrecy against compromised Key Generation Server (KGS-FS) has never been captured even though this notion is more important and stronger than the perfect forward secrecy in ID-based key exchange. For this, we further extend our model to ID-based setting and capture the property of KGS-FS for ID-based key exchange security.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
cryptographic protocolsCK-modelID-based cryptography
Contact author(s)
xjtian @ cityu edu hk
History
2006-06-13: revised
2005-12-14: received
See all versions
Short URL
https://ia.cr/2005/455
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/455,
      author = {Robert W.  Zhu and Xiaojian Tian and Duncan S.  Wong},
      title = {Enhancing {CK}-Model for Key Compromise Impersonation Resilience and Identity-based Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/455},
      year = {2005},
      url = {https://eprint.iacr.org/2005/455}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.