Skip to main content
placeholder image

Authenticated key exchange under bad randomness

Conference Paper


Download full-text (Open Access)

Abstract


  • We initiate the formal study on authenticated key exchange (AKE) under bad randomness.

    This could happen when (1) an adversary compromises the randomness source and hence directly

    controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions

    due to reset attacks.We construct two formal security models, Reset-1 and Reset-2, to capture these two

    bad randomness situations respectively, and investigate the security of some widely used AKE protocols

    in these models by showing that they become insecure when the adversary is able to manipulate the

    randomness. On the positive side, we propose simple but generic methods to make AKE protocols

    secure in Reset-1 and Reset-2 models. The methods work in a modular way: first, we strengthen a

    widely used AKE protocol to achieve Reset-2 security, then we show how to transform any Reset-2

    secure AKE protocol to a new one which also satisfies Reset-1 security.

UOW Authors


  •   Yang, Guomin
  •   Duan, Shanshan (external author)
  •   Wong, Duncan S. (external author)
  •   Tan, Chik How. (external author)
  •   Wang, Huaxiong (external author)

Publication Date


  • 2011

Citation


  • Yang, G., Duan, S., Wong, D., Tan, C. & Wang, H. (2011). Authenticated key exchange under bad randomness. In G. Danezis (Ed.), Financial Cryptography and Data Security Conference: 15th International Conference (pp. 1-23). Germany: Springer.

Scopus Eid


  • 2-s2.0-84863141981

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=3329&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/2320

Has Global Citation Frequency


Start Page


  • 1

End Page


  • 23

Place Of Publication


  • Germany

Abstract


  • We initiate the formal study on authenticated key exchange (AKE) under bad randomness.

    This could happen when (1) an adversary compromises the randomness source and hence directly

    controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions

    due to reset attacks.We construct two formal security models, Reset-1 and Reset-2, to capture these two

    bad randomness situations respectively, and investigate the security of some widely used AKE protocols

    in these models by showing that they become insecure when the adversary is able to manipulate the

    randomness. On the positive side, we propose simple but generic methods to make AKE protocols

    secure in Reset-1 and Reset-2 models. The methods work in a modular way: first, we strengthen a

    widely used AKE protocol to achieve Reset-2 security, then we show how to transform any Reset-2

    secure AKE protocol to a new one which also satisfies Reset-1 security.

UOW Authors


  •   Yang, Guomin
  •   Duan, Shanshan (external author)
  •   Wong, Duncan S. (external author)
  •   Tan, Chik How. (external author)
  •   Wang, Huaxiong (external author)

Publication Date


  • 2011

Citation


  • Yang, G., Duan, S., Wong, D., Tan, C. & Wang, H. (2011). Authenticated key exchange under bad randomness. In G. Danezis (Ed.), Financial Cryptography and Data Security Conference: 15th International Conference (pp. 1-23). Germany: Springer.

Scopus Eid


  • 2-s2.0-84863141981

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=3329&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/2320

Has Global Citation Frequency


Start Page


  • 1

End Page


  • 23

Place Of Publication


  • Germany