A New Security Model for Authenticated Key Agreement

13 years 2 months ago

Download eprint.iacr.org

The Canetti–Krawczyk (CK) and extended Canetti–Krawczyk (eCK) security models, are widely used to provide security arguments for key agreement protocols. We discuss security shades in the (e)CK models, and some practical attacks unconsidered in (e)CK–security arguments. We propose a strong security model which encompasses the eCK one. We also propose a new protocol, called Strengthened MQV (SMQV), which in addition to provide the same eﬃciency as the (H)MQV protocols, is particularly suited for distributed implementations wherein a tamper–proof device is used to store long–lived keys, while session keys are used on an untrusted host machine. The SMQV protocol meets our security deﬁnition under the Gap Diﬃe–Hellman assumption and the Random Oracle model.

Augustin P. Sarr, Philippe Elbaz-Vincent, Jean-Cla

Real-time Traffic

Communications | Key Agreement Protocols | SCN 2010 | Security | Security Model |

claim paper

» Authenticated Key Agreement with Key Reuse in the Short Authenticated Strings Model

» Security Analysis of Standard Authentication and Key Agreement Protocols Utilising Timesta...

» Key Agreement Protocols and Their Security Analysis

» Obtaining a secure and efficient key agreement protocol from HMQV and NAXOS

» Practical Authenticated Key Agreement Using Passwords

» Security arguments for the UM key agreement protocol in the NIST SP 80056A standard

» Authenticated Group Key Agreement and Friends

» Bilateral Unknown KeyShare Attacks in Key Agreement Protocols

Post Info
More Details (n/a)

Added	30 Jan 2011
Updated	30 Jan 2011
Type	Journal
Year	2010
Where	SCN
Authors	Augustin P. Sarr, Philippe Elbaz-Vincent, Jean-Claude Bajard

Comments (0)

Sciweavers

A New Security Model for Authenticated Key Agreement

Communications | Key Agreement Protocols | SCN 2010 | Security | Security Model |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers