Copy

@ARTICLE{e96-a_6_1088,
author={Atsushi FUJIOKA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Characterization of Strongly Secure Authenticated Key Exchanges without NAXOS Technique},
year={2013},
volume={E96-A},
number={6},
pages={1088-1099},
abstract={This paper examines two-pass authenticated key exchange (AKE) protocols that are secure without the NAXOS technique under the gap Diffie-Hellman assumption in the random oracle model: FHMQV [18], KFU1 [21], SMEN^- [13], and UP [17]. We introduce two protocol, biclique DH protocol and multiplied biclique DH protocol, to analyze the subject protocols, and show that the subject protocols use the multiplied biclique DH protocol as internal protocols. The biclique DH protocol is secure, however, the multiplied biclique DH protocol is insecure. We show the relations between the subject protocols from the viewpoint of how they overcome the insecurity of the multiplied biclique DH protocol:
FHMQV virtually executes two multiplied biclique DH protocols in sequence with the same ephemeral key on two randomized static keys.
KFU1 executes two multiplied biclique DH protocols in parallel with the same ephemeral key.
UP is a version of KFU1 in which one of the static public keys is generated with a random oracle.
SMEN^- can be thought of as a combined execution of two multiplied biclique DH protocols.
In addition, this paper provides ways to characterize the AKE protocols and defines two parameters: one consists of the number of static keys, the number of ephemeral keys, and the number of shared secrets, and the other is defined as the total sum of these numbers. When an AKE protocol is constructed based on some group, these two parameters indicate the number of elements in the group, i.e., they are related to the sizes of the storage and communication data.},
keywords={},
doi={10.1587/transfun.E96.A.1088},
ISSN={1745-1337},
month={June},}

Copy

TY - JOUR
TI - Characterization of Strongly Secure Authenticated Key Exchanges without NAXOS Technique
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1088
EP - 1099
AU - Atsushi FUJIOKA
PY - 2013
DO - 10.1587/transfun.E96.A.1088
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E96-A
IS - 6
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - June 2013
AB - This paper examines two-pass authenticated key exchange (AKE) protocols that are secure without the NAXOS technique under the gap Diffie-Hellman assumption in the random oracle model: FHMQV [18], KFU1 [21], SMEN^- [13], and UP [17]. We introduce two protocol, biclique DH protocol and multiplied biclique DH protocol, to analyze the subject protocols, and show that the subject protocols use the multiplied biclique DH protocol as internal protocols. The biclique DH protocol is secure, however, the multiplied biclique DH protocol is insecure. We show the relations between the subject protocols from the viewpoint of how they overcome the insecurity of the multiplied biclique DH protocol:
FHMQV virtually executes two multiplied biclique DH protocols in sequence with the same ephemeral key on two randomized static keys.
KFU1 executes two multiplied biclique DH protocols in parallel with the same ephemeral key.
UP is a version of KFU1 in which one of the static public keys is generated with a random oracle.
SMEN^- can be thought of as a combined execution of two multiplied biclique DH protocols.
In addition, this paper provides ways to characterize the AKE protocols and defines two parameters: one consists of the number of static keys, the number of ephemeral keys, and the number of shared secrets, and the other is defined as the total sum of these numbers. When an AKE protocol is constructed based on some group, these two parameters indicate the number of elements in the group, i.e., they are related to the sizes of the storage and communication data.
ER -