CryptoDB

Paper: Privacy-Preserving Authenticated Key Exchange in the Standard Model

Authors: You Lyu , Shanghai Jiao Tong University Shengli Liu , Shanghai Jiao Tong University Shuai Han , Shanghai Jiao Tong University Dawu Gu , Shanghai Jiao Tong University Search ePrint Search Google Slides ASIACRYPT 2022 Privacy-Preserving Authenticated Key Exchange (PPAKE) provides protection both for the session keys and the identity information of the involved parties. In this paper, we introduce the concept of robustness into PPAKE. Robustness enables each user to confirm whether itself is the target recipient of the first round message in the protocol. With the help of robustness, a PPAKE protocol can successfully avoid the heavy redundant communications and computations caused by the ambiguity of communicants in the existing PPAKE, especially in broadcast channels. We propose a generic construction of robust PPAKE from key encapsulation mechanism (KEM), digital signature (SIG), message authentication code (MAC), pseudo-random generator (PRG) and symmetric encryption (SE). By instantiating KEM, MAC, PRG from the DDH assumption and SIG from the CDH assumption, we obtain a specific robust PPAKE scheme in the standard model, which enjoys forward security for session keys, explicit authentication and forward privacy for user identities. Thanks to the robustness of our PPAKE, the number of broadcast messages per run and the computational complexity per user are constant, and in particular, independent of the number of users in the system.
BibTeX
@inproceedings{asiacrypt-2022-32489,
title={Privacy-Preserving Authenticated Key Exchange in the Standard Model},
publisher={Springer-Verlag},
author={You Lyu and Shengli Liu and Shuai Han and Dawu Gu},
year=2022
}