CryptoDB
On Formal Models for Secure Key Exchange
Authors: | |
---|---|
Download: | |
Abstract: | A new formal security model for session key exchange protocols is proposed, and several efficient protocols are analyzed in this model. Our new model is in the style of multi-party simulatability: it specifies the service and security guarantees that a key exchange protocol should provide to higher-level protocols as a simple, natural, and intuitive interface to which a high-level protocol designer can program. The relationship between this new model and previously proposed models is explored, and in particular, several flaws and shortcomings in previously proposed models are discussed. The model also deals with anonymous users---that is, users who do not have public keys, but perhaps have passwords that can be used to authenticate themselves within a secure session. |
BibTeX
@misc{eprint-1999-11334, title={On Formal Models for Secure Key Exchange}, booktitle={IACR Eprint archive}, keywords={session key exchange, multi-party computation, formal models,}, url={http://eprint.iacr.org/1999/012}, note={Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive. sho@zurich.ibm.com 10500 received April 19, 1999. Revised November 15, 1999.}, author={Victor Shoup}, year=1999 }