When users run a group key exchange (GKE) protocol, they usually extract the key from some auxiliary (ephemeral) secret information generated during the execution. Strong corrupti...
Abstract. In this paper, we consider the problem of mutually authenticated key exchanges between a low-power client and a powerful server. We show how the Jakobsson-Pointcheval sch...
Abstract. In the paper “Stronger Security of Authenticated Key Exchange” [1,2], a new security model for authenticated key exchange protocols (eCK) is proposed. The new model i...
We show that it is possible to achieve perfect forward secrecy in two-message key exchange (KE) protocols that satisfy even stronger security properties than provided by the extend...
Abstract. Automated tools for finding attacks on flawed security protocols often struggle to deal with protocols for group key agreement. Systems designed for fixed 2 or 3 party pr...