HMQV

The MQV protocol of Law, Menezes, Qu, Solinas and Vanstone is possibly the most efficient of all known authenticated Diffie-Hellman protocols that use public-key authentication. In addition to great performance, the protocol has been designed to achieve a remarkable list of security properties. As a result MQV has been widely standardized, and has recently been chosen by the NSA as the key exchange mechanism underlying “the next generation cryptography to protect US government information”. One question that has not been settled so far is whether the protocol can be proven secure in a rigorous model of key-exchange security. In order to provide an answer to this question we analyze the MQV protocol in the Canetti-Krawczyk model of key exchange. Unfortunately, we show that MQV fails to a variety of attacks in this model that invalidate its basic security as well as many of its stated security goals. On the basis of these findings, we present HMQV, a carefully designed variant of MQV, that provides the same superb performance and functionality of the original protocol but for which all the MQV’s security goals can be formally proved to hold in the random oracle model under the computational Diffie-Hellman assumption. We base the design and proof of HMQV on a new form of “challenge-response signatures”, derived from the Schnorr identification scheme, that have the property that both the challenger and signer can compute the same signature; the former by having chosen the challenge and the latter by knowing the private signature key.


References in zbMATH (referenced in 70 articles , 1 standard article )

Showing results 1 to 20 of 70.
Sorted by year (citations)

1 2 3 4 next

  1. Brzuska, Chris; Jacobsen, Håkon: A modular security analysis of EAP and IEEE 802.11 (2017)
  2. Ding, Jintai; Alsayigh, Saed; Lancrenon, Jean; RV, Saraswathy; Snook, Michael: Provably secure password authenticated key exchange based on RLWE for the post-quantum world (2017)
  3. Günther, Felix; Hale, Britta; Jager, Tibor; Lauer, Sebastian: 0-RTT key exchange with full forward secrecy (2017)
  4. Coron, Jean-Sébastien: Security analysis of the modular enhanced symmetric role authentication (mERA) protocol (2016)
  5. del Pino, Rafael; Lyubashevsky, Vadim; Pointcheval, David: The whole is less than the sum of its parts: constructing more efficient lattice-based akes (2016)
  6. Kılınç, Handan; Vaudenay, Serge: Efficient public-key distance bounding protocol (2016)
  7. Tian, Yangguang; Yang, Guomin; Mu, Yi; Liang, Kaitai; Yu, Yong: One-round attribute-based key exchange in the multi-party setting (2016)
  8. Yang, Zheng; Li, Shuangqing: On security analysis of an after-the-fact leakage resilient key exchange protocol (2016)
  9. Dousti, Mohammad Sadeq; Jalili, Rasool: FORSAKES: a forward-secure authenticated key exchange protocol based on symmetric key-evolving schemes (2015)
  10. Fujioka, Atsushi; Suzuki, Koutarou; Xagawa, Keita; Yoneyama, Kazuki: Strongly secure authenticated key exchange from factoring, codes, and lattices (2015)
  11. Hamburg, Mike: Decaf: eliminating cofactors through point compression (2015)
  12. Yau, Wei-Chuen; Phan, Raphael C.-W.: Cryptanalysis of a chaotic map-based password-authenticated key agreement protocol using smart cards (2015)
  13. Zhang, Lei: Certificateless one-pass and two-party authenticated key agreement protocol and its extensions (2015)
  14. Choo, Kim-Kwang Raymond; Nam, Junghyun; Won, Dongho: A mechanical approach to derive identity-based protocols from Diffie-Hellman-based protocols (2014)
  15. Goldberg, Ian; Stebila, Douglas; Ustaoglu, Berkant: Anonymity and one-way authentication in key exchange protocols (2013)
  16. Chatterjee, Sanjit; Menezes, Alfred; Sarkar, Palash: Another look at tightness (2012)
  17. Fujioka, Atsushi; Suzuki, Koutarou; Xagawa, Keita; Yoneyama, Kazuki: Strongly secure authenticated key exchange from factoring, codes, and lattices (2012)
  18. Li, Hui; Wu, Chuankun: CMQV+: an authenticated key exchange protocol from CMQV (2012)
  19. Camenisch, Jan; Krenn, Stephan; Shoup, Victor: A framework for practical universally composable zero-knowledge protocols (2011)
  20. Fujioka, Atsushi: Characterization of strongly secure authenticated key exchanges without NAXOS technique (2011)

1 2 3 4 next