Mathematics / Matematik

Permanent URI for this collectionhttps://hdl.handle.net/11147/8

Browse

Filters

2009 - 200912010 - 20121

Settings

Author: search.filters.author.Fujioka, AtsushiPublication Index: search.filters.publicationIndex.Scopus

Search Results

Now showing 1 - 2 of 2
  • Article
    Citation - Scopus: 9
    Sufficient Condition for Ephemeral Key-Leakage Resilient Tripartite Key Exchange
    (Springer Verlag, 2012) Fujioka, Atsushi; Manulis, Mark; Suzuki, Koutarou; Ustaoğlu, Berkant
    Tripartite (Diffie-Hellman) Key Exchange (3KE), introduced by Joux (ANTS-IV 2000), represents today the only known class of group key exchange protocols, in which computation of unauthenticated session keys requires one round and proceeds with minimal computation and communication overhead. The first one-round authenticated 3KE version that preserved the unique efficiency properties of the original protocol and strengthened its security towards resilience against leakage of ephemeral (session-dependent) secrets was proposed recently by Manulis, Suzuki, and Ustaoglu (ICISC 2009). In this work we explore sufficient conditions for building such protocols. We define a set of admissible polynomials and show how their construction generically implies 3KE protocols with the desired security and efficiency properties. Our result generalizes the previous 3KE protocol and gives rise to many new authenticated constructions, all of which enjoy forward secrecy and resilience to ephemeral key-leakage under the gap Bilinear Diffie-Hellman assumption in the random oracle model. © 2012 Springer-Verlag.
  • Conference Object
    Citation - WoS: 28
    Strongly Secure Authenticated Key Exchange Without Naxos' Approach
    (Springer Verlag, 2009) Kim, Minkyu; Fujioka, Atsushi; Ustaoğlu, Berkant
    LaMacchia, Lauter and Mityagin [15] proposed the extended Canetti-Krawczyk (eCK) model and an AKE protocol, called NAXOS. Unlike previous security models, the adversary in the eCK model is allowed to obtain ephemeral secret information related to the test session, which makes the security proof difficult. To overcome this NAXOS combines an ephemeral private key x with a static private key a to generate an ephemeral public key X; more precisely X∈=∈g H(x,a). As a result, no one is able to query the discrete logarithm of X without knowing both the ephemeral and static private keys. In other words, the discrete logarithm of an ephemeral public key, which is typically the ephemeral secret, is hidden via an additional random oracle. In this paper, we show that it is possible to construct eCK-secure protocol without the NAXOS' approach by proposing two eCK-secure protocols. One is secure under the GDH assumption and the other under the CDH assumption; their efficiency and security assurances are comparable to the well-known HMQV [12] protocol. Furthermore, they are at least as secure as protocols that use the NAXOS' approach but unlike them and HMQV, the use of the random oracle is minimized and restricted to the key derivation function. © 2009 Springer-Verlag Berlin Heidelberg.