IACR News item: 28 September 2015
Almog Benin, Sivan Toledo, Eran Tromer
ePrint ReportFirst, we define a user-interface primitive, oblivious comparison, that allows users to approve authentic associations and abort compromised ones. This distills and generalizes several existing approve/abort mechanisms, and moreover we experimentally show that OC can be implemented using very little hardware: one LED and one switch.
Second, we provide a new Message Recognition Protocol (MRP) that allows devices associated using oblivious comparison to exchange authenticated messages without the use of public-key cryptography (which exceeds the capabilities of many IoT devices). This protocol improves upon previously proposed MRPs in several respects.
Third, we propose a robust definition of security for MRPs that is based on universal composability, and show that our MRP satisfies this definition.
Additional news items may be found on the IACR news page.