Several recent standards, including NIST SP 80056A and RFC 5114, advocate the use of “DSA” parameters for Diffie-Hellman key exchange. While it is possible to use such parameters securely, additional validation checks are necessary to prevent well-known and potentially devastating attacks. In this paper, we observe that many Diffie-Hellman implementations do not properly validate key exchange i...

In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and e...

In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and e...

Let G be an arbitrary cyclic group with generator g and order /GI with known factorization. G could be the subgroup generated by g within a larger group H . Based on an assumption about the existence of smooth numbers in short intervals, we prove that breaking the DiffieHellman protocol for G and base g is equivalent to computing discrete logarithms in C: t,o t,he base g when a certain side inf...

We present a new Certificateless Public Key Encryption (CLPKE) scheme whose security is proven to rest on the hardness of the Bilinear Diffie-Hellman Problem (BDHP) and that is more efficient than the original scheme of Al-Riyami and Paterson. We then give an analysis of Gentry’s Certificate Based Encryption (CBE) concept, repairing a number of problems with the original definition and security...

In recent years, a new approach has been developed for verifying security protocols with the aim of combining the benefits of symbolic attackers and the benefits of unconditional soundness: the technique of the computationally complete symbolic attacker of Bana and Comon (BC) [6]. In this paper we argue that the real breakthrough of this technique is the recent introduction of its version for i...

Malicious insider security of authenticated key exchange (AKE) protocol addresses the situation that an AKE protocol is secure even with existing dishonest parties established by adversary in corresponding security experiment. In the eCK model, the EstablishParty query is used to model the malicious insider setting. However such strong query is not clearly formalized so far. We show that the pr...

In this paper, we study short exponent Diffie-Hellman problems, where significantly many lower bits are zeros in the exponent. We first prove that the decisional version of this problem is as hard as two well known hard problems, the standard decisional Diffie-Hellman problem (DDH) and the short exponent discrete logarithm problem. It implies that we can improve the efficiency of ElGamal scheme...

M. Kim and K. Kim [1] introduce a new identification scheme based on the Gap Diffie-Hellman problem, and prove that the scheme is secure against active attacks if the Gap Diffie-Hellman problem is intractable. But, their identification scheme is NOT secure. In this paper, we give the reason that why the scheme is not secure, and we also modify the scheme such that the modified scheme is secure ...