TUP: A New eCK-Secure AKE Protocol under the CDH Assumption

Abstract: The design and analysis of authenticated key exchange protocol is an important problem in information security area. At present, extended Canetti-Krawczyk (eCK) model provides the strongest definition of security for two party key agreement protocol, however most of the current secure protocols can not be prove to secure without Gap assumption. To avoid this phenomenon, by using twinning key technology we propose a new two party key agreement protocol TUP which is obtained by modifying the UP protocol, then in… Show more

“…We clarify some misunderstandings of the usage of the trapdoor test technique showing its adaptation to the AKE protocols is not trivial. We point out some errors in some recent work [5,6], which attempts to make use of the trapdoor test technique to remove gap assumption.Second, we proposes an efficient eCK-secure AKE protocol under CDH assumption. Additionally, our protocol does not make use of NAXOS trick ‡ and has a tight reduction.…”

“…Cash, Kiltz, and Shoup [3] proposed a new computational problem called twin Diffie-Hellman problem, at the heart of which is the 'trapdoor test', which is originally used to remove the gap assumption for the public key encryption schemes.Later, Huang et al [4] first introduced this technique to remove the gap assumption for AKE protocol in eCK model. Some recent work [5,6] attempted to make use of the trapdoor test technique to construct eCK-secure AKE protocols under CDH assumption. However, there are several problems with the proofs, as will be discussed in section 3.…”

“…The first protocol KFU 1 is under the GDH assumption, and the second protocol KFU 2 based on the trapdoor test technique is under CDH assumption. However, the computational overhead of KFU 2 is about twice higher than that of KFU 1 .Zhou et al [6] and Pan et al [5] attempted to make use of the trapdoor test technique to construct eCK-secure AKE protocols under CDH assumption. However, there are several problems with the proofs, as will be discussed in section 3.There are several eCK-secure AKE protocols [7,[16][17][18] in standard model, which is clearly less efficient than our protocol in the random oracle model.There are also many other AKE protocols [19][20][21][22][23] in the password-only setting, which does not rely on the public key infrastructure.…”

“…Later, Huang et al [4] first introduced this technique to remove the gap assumption for AKE protocol in eCK model. Some recent work [5,6] attempted to make use of the trapdoor test technique to construct eCK-secure AKE protocols under CDH assumption. However, there are several problems with the proofs, as will be discussed in section 3.…”

Authenticated key exchange protocol under computational Diffie–Hellman assumption from trapdoor test technique

“…We clarify some misunderstandings of the usage of the trapdoor test technique showing its adaptation to the AKE protocols is not trivial. We point out some errors in some recent work [5,6], which attempts to make use of the trapdoor test technique to remove gap assumption.Second, we proposes an efficient eCK-secure AKE protocol under CDH assumption. Additionally, our protocol does not make use of NAXOS trick ‡ and has a tight reduction.…”

“…Cash, Kiltz, and Shoup [3] proposed a new computational problem called twin Diffie-Hellman problem, at the heart of which is the 'trapdoor test', which is originally used to remove the gap assumption for the public key encryption schemes.Later, Huang et al [4] first introduced this technique to remove the gap assumption for AKE protocol in eCK model. Some recent work [5,6] attempted to make use of the trapdoor test technique to construct eCK-secure AKE protocols under CDH assumption. However, there are several problems with the proofs, as will be discussed in section 3.…”

“…The first protocol KFU 1 is under the GDH assumption, and the second protocol KFU 2 based on the trapdoor test technique is under CDH assumption. However, the computational overhead of KFU 2 is about twice higher than that of KFU 1 .Zhou et al [6] and Pan et al [5] attempted to make use of the trapdoor test technique to construct eCK-secure AKE protocols under CDH assumption. However, there are several problems with the proofs, as will be discussed in section 3.There are several eCK-secure AKE protocols [7,[16][17][18] in standard model, which is clearly less efficient than our protocol in the random oracle model.There are also many other AKE protocols [19][20][21][22][23] in the password-only setting, which does not rely on the public key infrastructure.…”

“…Later, Huang et al [4] first introduced this technique to remove the gap assumption for AKE protocol in eCK model. Some recent work [5,6] attempted to make use of the trapdoor test technique to construct eCK-secure AKE protocols under CDH assumption. However, there are several problems with the proofs, as will be discussed in section 3.…”

Authenticated key exchange protocol under computational Diffie–Hellman assumption from trapdoor test technique

“…In 2013, Yang [14] reasserted that the eCK model leaves out the definition of session state, which causes ambiguities that may yield a lot of potential problems. In resent years, many eCK-secure AKE protocols [15][16][17][18][19][20][21][22] are presented under eCK model, and many of them are insecure under the SessionStateReveal.…”

Cryptanalysis and improvement of an efficient authenticated key exchange protocol with tight security reduction