TY - GEN
T1 - Leakage resilient authenticated key exchange secure in the auxiliary input model
AU - Yang, Guomin
AU - Mu, Yi
AU - Susilo, Willy
AU - Wong, Duncan S.
PY - 2013
Y1 - 2013
N2 - Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been proposed recently in the bounded leakage model. In this paper, we initiate the study on leakage resilient AKE in the auxiliary input model. A promising way to construct such a protocol is to use a digital signature scheme that is entropically-unforgeable under chosen message and auxiliary input attacks. However, to date we are not aware of any digital signature scheme that can satisfy this requirement. On the other hand, we show that in the random oracle model, it is sufficient to use a digital signature scheme that is secure under random message and auxiliary input attacks in order to build a secure AKE protocol in the auxiliary input model, while the existence of such a digital signature scheme has already been proven. We will also give a comparison between the existing public-key encryption based and digital signature based leakage resilient AKE protocols. We show that the latter can provide a higher level of security than the former. © 2013 Springer-Verlag.
AB - Authenticated key exchange (AKE) protocols allow two parties communicating over an insecure network to establish a common secret key. They are among the most widely used cryptographic protocols in practice. In order to resist key-leakage attacks, several leakage resilient AKE protocols have been proposed recently in the bounded leakage model. In this paper, we initiate the study on leakage resilient AKE in the auxiliary input model. A promising way to construct such a protocol is to use a digital signature scheme that is entropically-unforgeable under chosen message and auxiliary input attacks. However, to date we are not aware of any digital signature scheme that can satisfy this requirement. On the other hand, we show that in the random oracle model, it is sufficient to use a digital signature scheme that is secure under random message and auxiliary input attacks in order to build a secure AKE protocol in the auxiliary input model, while the existence of such a digital signature scheme has already been proven. We will also give a comparison between the existing public-key encryption based and digital signature based leakage resilient AKE protocols. We show that the latter can provide a higher level of security than the former. © 2013 Springer-Verlag.
KW - authenticated key exchange
KW - auxiliary input model
KW - Leakage resilient cryptography
UR - http://www.scopus.com/inward/record.url?scp=84883372536&partnerID=8YFLogxK
UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-84883372536&origin=recordpage
U2 - 10.1007/978-3-642-38033-4_15
DO - 10.1007/978-3-642-38033-4_15
M3 - RGC 32 - Refereed conference paper (with host publication)
SN - 9783642380327
VL - 7863 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 204
EP - 217
BT - Information Security Practice and Experience
PB - Springer Verlag
T2 - 9th International Conference on Information Security Practice and Experience, ISPEC 2013
Y2 - 12 May 2013 through 14 May 2013
ER -