Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2008
ACM
2008
ACM
Security arguments for the UM key agreement protocol in the NIST SP 800-56A standard
The Unified Model (UM) key agreement protocol is an efficient Diffie-Hellman scheme that has been included in many cryptographic standards, most recently in the NIST SP 80056A standard. The UM protocol is believed to possess all important security attributes including key authentication and secrecy, resistance to unknown key-share attacks, forward secrecy, resistance to known-session key attacks, and resistance to leakage of ephemeral private keys, but is known to succumb to key-compromise impersonation attacks. In this paper we present a strengthening of the Canetti-Krawczyk security definition for key agreement that captures resistance to all important attacks that have been identified in the literature with the exception of key-compromise impersonation attacks. We then present a reductionist security proof that the UM protocol satisfies this new definition in the random oracle model under the Gap Diffie-Hellman assumption. Categories and Subject Descriptors E.3 [Data Encryption]: P...
Real-time TrafficCCS 2008 | Key Agreement | Key Agreement Protocols | Key-compromise Impersonation Attacks | Security Privacy |
| Added | 12 Oct 2010 |
| Updated | 12 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | CCS |
| Authors | Alfred Menezes, Berkant Ustaoglu |
Comments (0)
Researcher Info
|
