Modelling after-the-fact leakage for key exchange

File version

Version of Record (VoR)

Author(s)
Alawatugoda, J
Stebila, D
Boyd, C
Date
2014
Location

Kyoto, Japan

Abstract

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to prove the security of AKE protocols even when the adversary learns certain secret values. In this work, we address more granular leakage: partial leakage of long-term secrets of protocol principals, even after the session key is established. We introduce a generic key exchange security model, which can be instantiated allowing bounded or continuous leakage, even when the adversary learns certain ephemeral secrets or session keys. Our model is the strongest known partial-leakage-based security model for key exchange protocols. We propose a generic construction of a two-pass leakage-resilient key exchange protocol that is secure in the proposed model, by introducing a new concept: the leakage-resilient NAXOS trick. We identify a special property for public-key cryptosystems: pair generation indistinguishability, and show how to obtain the leakage-resilient NAXOS trick from a pair generation indistinguishable leakage-resilient public-key cryptosystem. Copyright is held by the owner/author(s). Publication rights licensed to ACM.

Conference Title

ASIA CCS '14: Proceedings of the 9th ACM symposium on Information, computer and communications security

Rights Statement

© 2014 the owner/author(s). Publication rights licensed to ACM. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org

Subject

Cryptography

Citation

Alawatugoda, J; Stebila, D; Boyd, C, ASIA CCS '14: Proceedings of the 9th ACM symposium on Information, computer and communications security, Computer and Communications Security, 2014, pp. 207-216