Implementation of an eCK-secure Key Exchange Protocol for OpenSSL
File version
Version of Record (VoR)
Author(s)
Vivekaanathan, S
Peiris, N
Wickramasinghe, C
Wen, CC
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
Size
File type(s)
Location
License
Abstract
Security models have been developed over time to analyze the security of two-party authenticated key exchange (AKE) protocols. LaMacchia et al. (ProSec 2007) presented a strong security model for AKE protocols, namely the extended Canetti-Krawczyk (eCK) model, addressing wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven-secure in the eCK model. In order to satisfy the eCK security, the NAXOS protocol uses a hash function to combine the long-term secret key and the ephemeral secret key, which is often called as “NAXOS-trick”. However, for the NAXOS-trick-based protocols, the way of leakage modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. Precisely, the eCK model allows the attacker to reveal the ephemeral key while the output of the NAXOS-trick computation remains safe (leak-free). In a recent work of Alawatugoda et al. (IMA Cryptography and Coding 2015), a NAXOS-trick-free eCK-secure AKE protocol is presented, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are widely used with the real-world security protocol suites, such as Security Socket Layer (SSL) and Transport Layer Security (TLS). As per best of our knowledge, this is the first implementation of a eCK-secure key exchange protocol for the OpenSSL library. Thus, we open up the direction to use the recent advancements of cryptography for real-world Internet communication.
Journal Title
International Journal on Advanced Science, Engineering and Information Technology
Conference Title
Book Title
Edition
Volume
8
Issue
5
Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement
International Journal on Advanced Science, Engineering and Information Technology (IJASEIT) publishes fully open access journals, which means that all articles are available on the internet to all users immediately upon publication. Non-commercial use and distribution in any medium is permitted, provided the author and the journal are properly credited.
Item Access Status
Note
Access the data
Related item(s)
Subject
Cryptography
Engineering
Information and computing sciences
Persistent link to this record
Citation
Alawatugoda, J; Vivekaanathan, S; Peiris, N; Wickramasinghe, C; Wen, CC, Implementation of an eCK-secure Key Exchange Protocol for OpenSSL, International Journal on Advanced Science, Engineering and Information Technology, 2018, 8 (5), pp. 2205-2210