International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Modular Design of Role-Symmetric Authenticated Key Exchange Protocols

Yuting Xiao , SKLOIS, IIE, CAS;
Rui Zhang , SKLOIS, IIE, CAS;
DOI: 10.1007/978-3-030-92068-5_25
Search ePrint
Search Google
Conference: ASIACRYPT 2021
Abstract: Authenticated Key Exchange (AKE) is an important primitive in applied cryptography. Previously several strong models of AKE were introduced, e.g., CK, CK+, eCK and their extended versions considering perfect forward secrecy (PFS), (denoted by a “-PFS” suffix). These models provide different security guarantees and they are incomparable. Hence, one still lacks systematic understanding of the prerequisites for secure AKEs and a modular design of AKE protocols. In this paper, we investigate this issue in the context of One-Round Authenticated Key Exchange (ORKE), which is role-symmetric for players and only needs a single round to establish a session key. Our treatments are as follows: First, we reformat the CK, CK-PFS, CK+, CK+-PFS, eCK and eCK-PFS models in the context of ORKE, some of which are formulated for the first time in the literature. Next, we introduce a new tool, Key-wise Recoverable Function (KRF). With merely black-box calls to KRFs, we build modular constructions for ORKEs. As an immediate application, many previous protocols can be explained naturally by the construction. We further build a protocol with CK, CK+, eCK, CK-PFS, CK+-PFS and eCK-PFS security simultaneously, by properly instantiating the underlying KRF. As a by-product, we have simplified proofs for a few known protocols, with non-standard assumptions avoidable.
Video from ASIACRYPT 2021
  title={Modular Design of Role-Symmetric Authenticated Key Exchange Protocols},
  author={Yuting Xiao and Rui Zhang and Hui Ma},