CryptoDB
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
Authors: | |
---|---|
Download: | |
Abstract: | We present a formalism for the analysis of key-exchange protocols that combines previous definitional approaches and results in a definition of security that enjoys some important analytical benefits: (i) any key-exchange protocol that satisfies the security definition can be composed with symmetric encryption and authentication functions to provide provably secure communication channels; and (ii) the definition allows for simple modular proofs of security: one can design and prove security of key-exchange protocols in an idealized model where the communication links are perfectly authenticated, and then translate them using general tools to obtain security in the realistic setting of adversary-controlled links. We exemplify the usability of our results by applying them to obtain the proof of two main classes of key-exchange protocols, Diffie-Hellman and key-transport, authenticated via symmetric or asymmetric techniques. Further contributions of the paper include the formalization of ``secure channels'' in the context of key-exchange protocols, and establishing sufficient conditions on the symmetric encryption and authentication functions to realize these channels. |
BibTeX
@misc{eprint-2001-11452, title={Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels}, booktitle={IACR Eprint archive}, keywords={Key Exchange, Secure Channels, Cryptographic Protocols}, url={http://eprint.iacr.org/2001/040}, note={An extended abstract of this work appears in the proceedings of Eurocrypt 2001, LNCS Vol. 2045. hugo@ee.technion.ac.il 11459 received 17 May 2001}, author={Ran Canetti and Hugo Krawczyk}, year=2001 }