Mathematics / Matematik

Permanent URI for this collection: https://hdl.handle.net/11147/8

  • Conference Object
    Security Arguments for the UM Key Agreement Protocol in the NIST SP 800-56A Standard
    (Association for Computing Machinery (ACM), 2008) Menezes, Alfred; Ustaoğlu, Berkant
    The Unified Model (UM) key agreement protocol is an efficient Diffie-Hellman scheme that has been included in many cryptographic standards, most recently in the NIST SP 800-56A standard. The UM protocol is believed to possess all important security attributes including key authentication and secrecy, resistance to unknown key-share attacks, forward secrecy, resistance to known-session key attacks, and resistance to leakage of ephemeral private keys, but is known to succumb to key-compromise impersonation attacks. In this paper we present a strengthening of the Canetti-Krawczyk security definition for key agreement that captures resistance to all important attacks that have been identified in the literature with the exception of key-compromise impersonation attacks. We then present a reductionist security proof that the UM protocol satisfies this new definition in the random oracle model under the Gap Diffie-Hellman assumption. Copyright 2008 ACM.