Generic Forward-Secure Key Agreement Without Signatures

Guilhem, Cyprien Delpech de Saint; Smart, Nigel P.; Warinschi, Bogdan

doi:10.1007/978-3-319-69659-1_7

Cited by 9 publications

(2 citation statements)

References 26 publications

(34 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Nonetheless, the proposed scheme is still susceptible to man-in-the-middle attacks. Guilhem et al [14] presented an unauthenticated and thus CPA-secured secured key exchange protocol, which was selected by Hermelink et al [15] to be instantiated as a quantumsafe algorithm on the automotive microcontroller platform AURIX TM [16]. The proposed protocol generates an ephemeral key pair that is used to achieve forward.…”

Section: Related Workmentioning

confidence: 99%

Double Difficulties, Defense in depth A succinct authenticated key agreement protocol

Hsieh

2024

Preprint

View full text Add to dashboard Cite

In 2016, NIST announced an open competition with the goal of finding and standardizing a suitable quantum-resistant cryptographic algorithm, with the standard to be drafted in 2023. These algorithms aim to implement post-quantum secure key encapsulation mechanism (KEM) and digital signatures. However, the proposed algorithm does not consider authentication and is vulnerable to attacks such as man-in-the-middle. In this paper, we propose an authenticated key exchange algorithm to solve the above problems and improve its usability. The proposed algorithm combines learning with errors (LWE) and elliptic curve discrete logarithm problem to provide the required security goals. As forward security is a desirable property in a key exchange protocol, an ephemeral key pair is designed that a long-term secret compromise does not affect the security of past session keys. Moreover, the exchange steps required by the algorithm are very streamlined and can be completed with only two handshakes. We also use the random oracle model to prove the correctness and the security of proposed scheme. The performance analysis demonstrates the effectiveness of the proposed scheme. We believe that the novel approach introduced in this algorithm opens several doors for innovative applications of digital signatures in KEMs.

show abstract

Section: Related Workmentioning

confidence: 99%

Double Difficulties, Defense in depth A succinct authenticated key agreement protocol

Hsieh

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…We now turn towards the question of how to achieve hybrid authenticated key exchange from hybrid KEMs. There exists a vast body of literature on compilers for authenticated key exchange [6,18,29,31,34,36]. In the following we consider secure AKE protocols from key encapsulation mechanisms combined with SigMA-style authentication [32].…”

Section: Authenticated Key Exchange From Hybrid Kemsmentioning

confidence: 99%

Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange

Bindel

Brendel

Fischlin

et al. 2019

Post-Quantum Cryptography

View full text Add to dashboard Cite

Concerns about the impact of quantum computers on currently deployed public key cryptography have instigated research into not only quantum-resistant cryptographic primitives but also how to transition applications from classical to quantum-resistant solutions. One approach to mitigate the risk of quantum attacks and to preserve common security guarantees are hybrid schemes, which combine classically secure and quantum-resistant schemes. Various academic and industry experiments and draft standards related to the Transport Layer Security (TLS) protocol already use some form of hybrid key exchange; however sound theoretical approaches to substantiate the design and security of such hybrid key exchange protocols are missing so far.We initiate the modeling of hybrid authenticated key exchange protocols, considering security against adversaries with varying levels of quantum power over time, such as adversaries who may become quantum in the future or are quantum in the present. We reach our goal using a three-step approach: First, we introduce security notions for key encapsulation mechanisms (KEMs) that enable a fine-grained distinction between different quantum scenarios. Second, we propose several combiners for constructing hybrid KEMs that correspond closely to recently proposed Internet-Drafts for hybrid key exchange in TLS 1.3. Finally, we present a provably sound design for hybrid key exchange using KEMs as building blocks.

show abstract

Strongly Secure Authenticated Key Exchange from Supersingular Isogenies

Han

Wang

et al. 2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Generic Forward-Secure Key Agreement Without Signatures

Cited by 9 publications

References 26 publications

Double Difficulties, Defense in depth A succinct authenticated key agreement protocol

Double Difficulties, Defense in depth A succinct authenticated key agreement protocol

Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange

Strongly Secure Authenticated Key Exchange from Supersingular Isogenies

Contact Info

Product

Resources

About