International Association for Cryptologic Research

CryptoDB

Deniable Internet Key-Exchange

Authors:
Andrew C. C. Yao
Frances F. Yao
Yunlei Zhao
Bin Zhu
Download:
URL: http://eprint.iacr.org/2007/191
Abstract: In this work, we develop a family of protocols for deniable Internet Key-Exchange (IKE) with the following properties:
1. Highly practical efficiency, and conceptual simplicity and clarity.
2. Forward and concurrent (non-malleable) deniability against adversaries with arbitrary auxiliary inputs, and better privacy protection of players' roles.
3. Provable security in the Canetti-Krawczyk post-specified-peer model, and maintenance of essential security properties not captured by the Canetti-Krawczyk security model.
4. Compatibility with the widely deployed and standardized SIGMA (i.e., the basis of IKEv2) and (H)MQV protocols, when parties possess DL public-keys.
Our protocols could potentially serve, in part, as either the underlying basis or a useful alternative for the next generation of IKE (i.e., IKEv3) of IPsec (in particular, when deniability is desired). In view of the wide deployment and use of IKE and increasing awareness of privacy protection (especially for E-commerce over Internet), this work is naturally of practical interest.
BibTeX
@misc{eprint-2007-13472,
  title={Deniable Internet Key-Exchange},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols /},
  url={http://eprint.iacr.org/2007/191},
  note={Rump session presentation at Eurocrypt 2007 ylzhao@fudan.edu.cn 13686 received 23 May 2007, last revised 21 Jun 2007},
  author={Andrew C. C. Yao and Frances F. Yao and Yunlei Zhao and Bin Zhu},
  year=2007
}