IACR News item: 29 May 2012
Andrew C. Yao, Yunlei Zhao
ePrint Report(referred to as the CK-protocol). We identify some new attacks on these protocols, showing in particular that these protocols are not computationally fair. Specifically, with our attacks, an
adversary can do the following damages:
(1) It can compute the session-key output with much lesser computational complexity than that of the victim honest player, and can maliciously nullify the contributions from the victim honest players.
(2) It can set the session-key output to be some pre-determined value, which can be efficiently and publicly computed without knowing any secrecy supposed to be held by the attacker.
We remark these attacks are beyond the traditional security models for group key-exchange and identity-based key-exchange.
Then, based on the computationally fair Diffie-Hellman key-
exchange in [21], we present some fixing approaches, and prove that the fixed protocols are computationally fair.
Additional news items may be found on the IACR news page.