The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES

Abdalla, Michel; Bellare, Mihir; Rogaway, Phillip

doi:10.1007/3-540-45353-9_12

Cited by 332 publications

(387 citation statements)

References 16 publications

Supporting

Mentioning

381

Contrasting

Unclassified

Order By: Relevance

“…The definition of time-complexity that we use henceforth is the usual one, which includes the maximum of all execution times in the experiments defining the security plus the code size [1]. Note that the advantage of an adversary that simply guesses the bit b is 0 in the above definition due to the rescaling of the probabilities.…”

Section: Security Definitionsmentioning

confidence: 99%

See 1 more Smart Citation

Password-Based Authenticated Key Exchange in the Three-Party Setting

Abdalla

Fouque

Pointcheval

2005

Lecture Notes in Computer Science

Self Cite

527

123

View full text Add to dashboard Cite

Abstract. Password-based authenticated key exchange are protocols which are designed to be secure even when the secret key or password shared between two users is drawn from a small set of values. Due to the low entropy of passwords, such protocols are always subject to online guessing attacks. In these attacks, the adversary may succeed with non-negligible probability by guessing the password shared between two users during its on-line attempt to impersonate one of these users. The main goal of password-based authenticated key exchange protocols is to restrict the adversary to this case only. In this paper, we consider password-based authenticated key exchange in the three-party scenario, in which the users trying to establish a secret do not share a password between themselves but only with a trusted server. Towards our goal, we recall some of the existing security notions for password-based authenticated key exchange protocols and introduce new ones that are more suitable to the case of generic constructions. We then present a natural generic construction of a three-party protocol, based on any two-party authenticated key exchange protocol, and prove its security without making use of the Random Oracle model. To the best of our knowledge, the new protocol is the first provably-secure password-based protocol in the three-party setting.

show abstract

Section: Security Definitionsmentioning

confidence: 99%

“…It is easy to see that, in this case, A ftg cannot gain any information about the hidden bit b used to answer its single Test query. Therefore, the probability that A ror outputs 1 is exactly 1 2 . Now consider the case in which its Test oracle returns the actual sessions keys.…”

Section: B Relations Between Notionsmentioning

confidence: 99%

Password-Based Authenticated Key Exchange in the Three-Party Setting

Abdalla

Fouque

Pointcheval

2005

Lecture Notes in Computer Science

Self Cite

527

123

View full text Add to dashboard Cite

show abstract

“…Respectively, they are ECIES (Elliptic Curve Integrated Encryption Scheme) based on the work of Abdalla, Bellare, and Rogaway [7,8], PSEC (Provably Secure Elliptic Curve encryption) based on the work of Fujisaki and Okamoto [22] and ACE (Advanced Cryptographic Engine) based on the work of Cramer and Shoup [21,20]. Recently a new submission of the ElGamal-based KEM scheme in the ECC setting [24] has been adopted by ISO/IEC and an amendment of ISO/IEC 18033-2 specifying this new scheme is in progress.…”

Section: Asymmetric Encryptionmentioning

confidence: 99%

Algorithm Agility – Discussion on TPM 2.0 ECC Functionalities

Chen

Urian

2016

Security Standardisation Research

View full text Add to dashboard Cite

Abstract. The TPM 2.0 specification has been designed to support a number of Elliptic Curve Cryptographic (ECC) primitives, such as key exchange, digital signatures and Direct Anonymous Attestation (DAA). In order to meet the requirement that di↵erent TPM users may favor di↵erent cryptographic algorithms, each primitive can be implemented from multiple algorithms. This feature is called Algorithm Agility. For the purpose of performance e ciency, multiple algorithms share a small set of TPM commands. In this paper, we review all the TPM 2.0 ECC functionalities, and discuss on whether the existing TPM commands can be used to implement new cryptographic algorithms which have not yet been addressed in the specification. We demonstrate that four asymmetric encryption schemes specified in ISO/IEC 18033-2 can be implemented using a TPM 2.0 chip, and we also show on some ECDSA variants that the coverage of algorithm agility from TPM 2.0 is limited. Security analysis of algorithm agility is a challenge, which is not responded in this paper. However, we believe that this paper will help future researchers analyze TPM 2.0 in more comprehensive methods than it has been done so far.

show abstract

“…Theorem 41 Let Π be the core of the ISO 9798-2.4 protocol implemented with a strongly unforgeable MAC algorithm 1 …”

Section: Matching Conversations ⇒ Acceptancementioning

confidence: 99%

Computationally Analyzing the ISO 9798–2.4 Authentication Protocol

Hale

Boyd

2014

Security Standardisation Research

View full text Add to dashboard Cite

Abstract. We provide a computational analysis of the ISO 9798-2.4 mutual authentication standard protocol in the model of Bellare and Rogaway. In contrast to typical analyses of standardized protocols, we include the optional data fields specified in the standard by applying the framework of Rogaway and Stegers. To our knowledge this is the first application of the Rogaway-Stegers technique in a standardized protocol. As well as a precise definition of the computational security properties achieved by the protocol, our analysis supplies concrete security requirements for the cryptographic primitive applied, which are absent from the protocol standard. We show that a message authentication code can be used to replace the encryption primitive if desired and that if authenticated encryption is applied it must be strongly unforgeable.

show abstract

The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES

Cited by 332 publications

References 16 publications

Password-Based Authenticated Key Exchange in the Three-Party Setting

Password-Based Authenticated Key Exchange in the Three-Party Setting

Algorithm Agility – Discussion on TPM 2.0 ECC Functionalities

Computationally Analyzing the ISO 9798–2.4 Authentication Protocol

Contact Info

Product

Resources

About