International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

A New Security Model for Authenticated Key Agreement

Authors:
Jean–Claude Bajard
Augustin P. Sarr
Philippe Elbaz–Vincent
Download:
URL: http://eprint.iacr.org/2010/237
Search ePrint
Search Google
Abstract: The Canetti--Krawczyk (CK) and extended Canetti--Krawczyk (eCK) security models, are widely used to provide security arguments for key agreement protocols. We discuss security shades in the (e)CK models, and some practical attacks unconsidered in (e)CK--security arguments. We propose a strong security model which encompasses the eCK one. We also propose a new protocol, called Strengthened MQV (SMQV), which in addition to provide the same efficiency as the (H)MQV protocols, is particularly suited for distributed implementations wherein a tamper--proof device is used to store long--lived keys, while session keys are used on an untrusted host machine. The SMQV protocol meets our security definition under the Gap Diffie--Hellman assumption and the Random Oracle model.
BibTeX
@misc{eprint-2010-23138,
  title={A New Security Model for Authenticated Key Agreement},
  booktitle={IACR Eprint archive},
  keywords={authenticated key agreement, practical vulnerability, strengthened eCK model, SMQV},
  url={http://eprint.iacr.org/2010/237},
  note={A short version of this paper is accepted at SCN 2010 a.sarr@netheos.net, augussarr@yahoo.fr, 14778 received 27 Apr 2010, last revised 18 Jun 2010},
  author={Jean–Claude Bajard and Augustin P. Sarr and Philippe Elbaz–Vincent},
  year=2010
}