A Provably Secure Secret Handshake with Dynamic Controlled Matching

Parties cooperating in hostile networked environments often need to establish an initial trust. Trust establishment can be very delicate when it involves the exchange of sensitive information, such as affiliation to a secret society or to an intelligence agency. Two mechanisms, Secret Handshakes and Secure Matchmaking, have tackled this problem, coming up with solutions for secure initial exchange between mistrusting principals. The relevance of this problem as a research topic is evidenced by the number of recent publications on the subject [1, 10, 11, 15, 16]. A Secret Handshake, first introduced by Balfanz et al. in [3], is a mechanism devised for two users to simultaneously prove to each other possession of a property, for instance membership to a certain group. The ability to prove and verify is strictly controlled by a certification authority, that issues property credentials and matching references respectively allowing to prove to another user, and to verify another user’s, possession of a property. Users are not able to perform a successful handshake without the appropriate credentials and matching references; in addition protocol exchanges are often untraceable and anonymous. Most of the Secret Handshake schemes available in the literature only allow for the matching of own group membership: we will refer to this class of protocols as own-group membership secret handshakes. Matchmaking protocols, presented first in [2], solve the same problem in a slightly different setting: users express “wishes” about the property expected from the other communicating party, and the communication is established only