Reusing Static Keys in Key Agreement Protocols

13 years 10 months ago

Download www.cacr.math.uwaterloo.ca

Abstract. Contrary to conventional cryptographic wisdom, the NIST SP 800-56A standard explicitly allows the use of a static key pair in more than one of the key establishment protocols described in the standard. In this paper, we give examples of key establishment protocols that are individually secure, but which are insecure when static key pairs are reused in two of the protocols. We also propose an enhancement of the extended Canetti-Krawczyk security model and deﬁnition for the situation where static public keys are reused in two or more key agreement protocols.

Sanjit Chatterjee, Alfred Menezes, Berkant Ustaogl

Real-time Traffic

Cryptology | INDOCRYPT 2009 | Key Agreement Protocols | Key Establishment Protocols | Static Key Pairs |

claim paper

» On reusing ephemeral keys in DiffieHellman key agreement protocols

» Key Agreement Using Statically Keyed Authenticators

» On the Resilience of Key Agreement Protocols to Key Compromise Impersonation

» Bilateral Unknown KeyShare Attacks in Key Agreement Protocols

» On Robust Key Agreement Based on Public Key Authentication

» On Bluetooth Repairing Key Agreement Based on SymmetricKey Cryptography

» A New Provably Secure Authentication and Key Agreement Mechanism for SIP Using Certificate...

» Certificateless Authenticated Group Key Agreement Protocol for Dynamic Groups

Post Info
More Details (n/a)

Added	26 May 2010
Updated	26 May 2010
Type	Conference
Year	2009
Where	INDOCRYPT
Authors	Sanjit Chatterjee, Alfred Menezes, Berkant Ustaoglu

Comments (0)

Sciweavers

Reusing Static Keys in Key Agreement Protocols

Cryptology | INDOCRYPT 2009 | Key Agreement Protocols | Key Establishment Protocols | Static Key Pairs |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers