Leakage resilient authenticated key exchange secure in the auxiliary input model

Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been pro...

Full description

Saved in:
Bibliographic Details
Main Authors: YANG, Guomin, MU, Yi, SUSILO, Willy, WONG, Duncan S.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2013
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/7379
https://ink.library.smu.edu.sg/context/sis_research/article/8382/viewcontent/Leakage_resilient_authenticated_key_exchange_secure_in_the_auxiliary_input_model.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been proposed recently in the bounded leakage model. In this paper, we initiate the study on leakage resilient AKE in the auxiliary input model. A promising way to construct such a protocol is to use a digital signature scheme that is entropically-unforgeable under chosen message and auxiliary input attacks. However, to date we are not aware of any digital signature scheme that can satisfy this requirement. On the other hand, we show that in the random oracle model, it is sufficient to use a digital signature scheme that is secure under random message and auxiliary input attacks in order to build a secure AKE protocol in the auxiliary input model, while the existence of such a digital signature scheme has already been proven. We will also give a comparison between the existing public-key encryption based and digital signature based leakage resilient AKE protocols. We show that the latter can provide a higher level of security than the former.