Deniable Internet Key Exchange
نویسندگان
چکیده
In this work, we develop a family of protocols for deniable Internet Key-Exchange (IKE) with the following properties: • Highly practical efficiency, and conceptual simplicity and clarity. • Forward and concurrent (non-malleable) deniability against adversaries with arbitrary auxiliary inputs. • Provable security in the Canetti-Krawczyk post-specified-peer model, and maintenance of essential security properties not captured by the Canetti-Krawczyk security model. • Compatibility with the widely deployed and standardized SIGMA (i.e., the basis of IKEv2) and (H)MQV protocols, when parties possess DL public-keys. In view of the wide deployment and use of IKE and increasing awareness of privacy protection (especially for E-commerce over Internet), this work is naturally of practical interest.
منابع مشابه
Deniable Authenticated Key Establishment for Internet Protocols
We propose two public-key schemes to achieve “deniable authentication” for the Internet Key Exchange (IKE). Our protocols can be implemented using different concrete mechanisms and we discuss different options; in particular we suggest solutions based on elliptic curve pairings. The protocol designs use the modular construction method of Canetti and Krawczyk which provides the basis for a proof...
متن کاملDeniable Authentication on the Internet
Deniable authentication is a technique that allows one party to send messages to another while the latter can not prove to a third party the fact of communication. In this paper, we first formalize a natural notion of deniable security and naturally extend the basic authenticator theorem by Bellare et al. [2] to the setting of deniable authentication. Of independent interest, this extension is ...
متن کاملWeaknesses of the Boyd-Mao Deniable Authenticated key Establishment for Internet Protocols
In 2003, Boyd and Mao proposed two deniable authenticated key establishment protocols using elliptic curve pairings for Internet protocols, one is based on Diffie-Hellman key exchange and the other is based on Public-Key Encryption approach. For the use of elliptic curve pairings, they declared that their schemes could be more efficient than the existing Internet Key Exchange (IKE), nowadays. H...
متن کاملID-based Deniable Authentication Protocol based on Diffie-Hellman Problem on Elliptic Curve
Deniable authentication protocol enables a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. This property is very useful for providing secure negotiation over the Internet. This paper describes a secure identity based deniable authentication protocol whose security is based on computational infeasibility of solving DiffieHell...
متن کاملFully Deniable Mutual Authentication Protocol Based on RSA Signature
Deniable authentication protocols allow a sender to authenticate a receiver, in a way that the receiver cannot convince a third party that such authentication (or any authentication) ever took place. In this study, we construct a fully deniable mutual authentication protocol based on RSA signature, and then a deniable authenticated key exchange protocol is constructed from the proposed protocol.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2007 شماره
صفحات -
تاریخ انتشار 2007