Designing a secure Authenticated Key Exchange (AKE) protocol without the NAXOS approach remains an open problem. The NAXOS approach [4] is used to hide the ephemeral secret key from an adversary, even if the adversary somehow obtains the ephemeral secret key. Using the NAXOS approach has two main drawbacks: (i) leakage of the static secret key, which is used in computing the exponent of the ephemeral public key; (ii) maximal use of the random oracle, which is applied both to the exponent of the ephemeral public key and to session key derivation. In this paper, we present another AKE-secure protocol without the NAXOS approach, based on the decision linear assumption in the random oracle model. We establish our security using the sequence-of-games technique, which gives tight security for our protocol.
References
[1] Bellare, M. and Rogaway, P. (1993) Entity Authentication and Key Distribution. Crypto 1993, LNCS 773, 110-125.
[2] Bellare, M., Canetti, R. and Krawczyk, H. (1998) A Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols. Proceedings of the 30th Annual ACM Symposium on Theory of Computing, ACM, Location, pp.
[3] Canetti, R. and Krawczyk, H. (2001) Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. Eurocrypt 2001, LNCS 2045, 453-474.
[4] LaMacchia, B., Lauter, K. and Mityagin, A. (2007) Stronger Security of Authenticated Key Exchange. ProvSec 2007, LNCS 4784, 1-16.
[5] Ustaoglu, B. (2008) Obtaining a Secure and Efficient Key Agreement Protocol for (H)MQV and NAXOS. Designs, Codes and Cryptography, 46, 329-342. Extended version available at http://eprint.iacr.org/2007/123
[6] Huang, H. and Cao, Z. (2008) Strongly Secure Authenticated Key Exchange Protocol Based on Computational Diffie-Hellman Problem. Inscrypt.
[7] Lee, J. and Park, J. (2008) Authenticated Key Exchange Secure under the Computational Diffie-Hellman Assumption. http://eprint.iacr.org/2008/344
[8] Lee, J. and Park, C. (2008) An Efficient Key Exchange Protocol with a Tight Security Reduction. http://eprint.iacr.org/2008/345
[9] Okamoto, T. (2007) Authenticated Key Exchange and Key Encapsulation in the Standard Model. Asiacrypt 2007, LNCS 4833, 474-484.
[10] Kim, M., Fujioka, A. and Ustaoglu, B. (2009) Strongly Secure Authenticated Key Exchange without NAXOS’s Approach. In: Advances in Information and Computer Security, Springer Berlin Heidelberg, 174-191.
[11] Boneh, D., Boyen, X. and Shacham, H. (2004) Short Group Signatures. In: Franklin, M., Ed., Proceedings of Crypto 2004, Volume 3152 of LNCS, Springer-Verlag, 41-55. http://dx.doi.org/10.1007/978-3-540-28628-8_3
[12] Joux, A. and Nguyen, K. (2003) Separating Decision Diffie-Hellman from Computational Diffie-Hellman in Cryptographic Groups. Journal of Cryptology, 16, 239-247. http://dx.doi.org/10.1007/s00145-003-0052-4
[13] Shoup, V. (1997) Lower Bounds for Discrete Logarithms and Related Problems. In: Fumy, W., Ed., Proceedings of Eurocrypt 1997, Volume 1233 of LNCS, Springer-Verlag, 256-266.
[14] Pointcheval, D. and Stern, J. (2000) Security Arguments for Digital Signatures and Blind Signatures. Journal of Cryptology, 13, 361-396. http://dx.doi.org/10.1007/s001450010003
[15] Krawczyk, H. (2005) HMQV: A High-Performance Secure Diffie-Hellman Protocol. Crypto 2005, LNCS 3621, 546-566.
[16] Ustaoglu, B. (2008) Obtaining a Secure and Efficient Key Agreement Protocol for (H)MQV and NAXOS. Designs, Codes and Cryptography, 46, 329-342. http://dx.doi.org/10.1007/s10623-007-9159-1
[17] Wu, J. and Ustaoglu, B. (2009) Efficient Key Exchange with Tight Security Reduction. IACR Cryptology ePrint Archive, 2009, 288.
[18] Li, H. and Wu, C.K. (2012) CMQV : An Authenticated Key Exchange Protocol from CMQV. Science China Information Sciences, 55, 1666-1674. http://dx.doi.org/10.1007/s11432-011-4310-z
[19] Mohamed, M., Wang, X.F. and Zhang, X.S. (2015) Efficient Secure Authenticated Key Exchange without NAXOS’s Approach Based on Decision Linear Problem. Collaborative Computing: Networking, Applications, and Worksharing. Springer International Publishing, 243-256.