Internet Archive Scholar

Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal

Cas Cremers, Michèle Feltz
<span title="2013-07-12">2013</span> <i title="Springer Nature"> <a target="_blank" rel="noopener" href="https://fatcat.wiki/container/c45m6ttnaje4xbjsq7m2c6df2a" style="color: black;">Designs, Codes and Cryptography</a> </i> &nbsp;

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (548.4 kB)
https://web.archive.org/web/20180721043431/https://eprint.iacr.org/2012/416.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit <a rel="external noopener" href="https://eprint.iacr.org/2012/416.pdf">the original URL</a>. The file type is <code>application/pdf</code>.

We show that it is possible to achieve perfect forward secrecy in two-message or one-round key exchange (KE) protocols that satisfy even stronger security properties than provided by the extended Canetti-Krawczyk (eCK) security model. In particular, we consider perfect forward secrecy in the presence of adversaries that can reveal ephemeral secret keys and the long-term secret keys of the actor of a session (similar to Key Compromise Impersonation). We propose two new game-based security models
more &raquo; ... for KE protocols. First, we formalize a slightly stronger variant of the eCK security model that we call eCK w . Second, we integrate perfect forward secrecy into eCK w , which gives rise to the even stronger eCK-PFS model. We propose a security-strengthening transformation (i. e., a compiler ) between our new models. Given a two-message Diffie-Hellman type protocol secure in eCK w , our transformation yields a two-message protocol that is secure in eCK-PFS. As an example, we show how our transformation can be applied to the NAXOS protocol.
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1007/s10623-013-9852-1">doi:10.1007/s10623-013-9852-1</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/msixyv5ojzafnogois5kqix2z4">fatcat:msixyv5ojzafnogois5kqix2z4</a> </span>
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20180721043431/https://eprint.iacr.org/2012/416.pdf" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="https://blobs.fatcat.wiki/thumbnail/pdf/cc/fb/ccfb735a8cf8482dbe5a0d4a64e69ce00ce352da.180px.jpg" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1007/s10623-013-9852-1"> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="external alternate icon"></i> springer.com </button> </a>
Citation

Cas Cremers, Michèle Feltz. "Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal." Designs, Codes and Cryptography 74.1 (2013) 183-218