Skip to main content
placeholder image

Authenticated key exchange under bad randomness

Conference Paper


Abstract


  • We initiate the formal study on authenticated key exchange (AKE) under bad randomness. This could happen when (1) an adversary compromises the randomness source and hence directly controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions due to reset attacks. We construct two formal security models, Reset-1 and Reset-2, to capture these two bad randomness situations respectively, and investigate the security of some widely used AKE protocols in these models by showing that they become insecure when the adversary is able to manipulate the randomness. On the positive side, we propose simple but generic methods to make AKE protocols secure in Reset-1 and Reset-2 models. The methods work in a modular way: first, we strengthen a widely used AKE protocol to achieve Reset-2 security, then we show how to transform any Reset-2 secure AKE protocol to a new one which also satisfies Reset-1 security. © 2012 Springer-Verlag.

Publication Date


  • 2012

Citation


  • Yang, G., Duan, S., Wong, D. S., Tan, C. H., & Wang, H. (2012). Authenticated key exchange under bad randomness. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 7035 LNCS (pp. 113-126). doi:10.1007/978-3-642-27576-0_10

Scopus Eid


  • 2-s2.0-84863141981

Start Page


  • 113

End Page


  • 126

Volume


  • 7035 LNCS

Abstract


  • We initiate the formal study on authenticated key exchange (AKE) under bad randomness. This could happen when (1) an adversary compromises the randomness source and hence directly controls the randomness of each AKE session; and (2) the randomness repeats in different AKE sessions due to reset attacks. We construct two formal security models, Reset-1 and Reset-2, to capture these two bad randomness situations respectively, and investigate the security of some widely used AKE protocols in these models by showing that they become insecure when the adversary is able to manipulate the randomness. On the positive side, we propose simple but generic methods to make AKE protocols secure in Reset-1 and Reset-2 models. The methods work in a modular way: first, we strengthen a widely used AKE protocol to achieve Reset-2 security, then we show how to transform any Reset-2 secure AKE protocol to a new one which also satisfies Reset-1 security. © 2012 Springer-Verlag.

Publication Date


  • 2012

Citation


  • Yang, G., Duan, S., Wong, D. S., Tan, C. H., & Wang, H. (2012). Authenticated key exchange under bad randomness. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) Vol. 7035 LNCS (pp. 113-126). doi:10.1007/978-3-642-27576-0_10

Scopus Eid


  • 2-s2.0-84863141981

Start Page


  • 113

End Page


  • 126

Volume


  • 7035 LNCS