Strongly Authenticated Key Exchange Protocol from Bilinear Groups without Random Oracles [chapter]

Zheng Yang, Jörg Schwenk
2012 Lecture Notes in Computer Science  
Since the introducing of extended Canetti-Krawczyk (eCK) security model for two party key exchange, many protocols have been proposed to provide eCK security. However, most of those protocols are provably secure in the random oracle model or rely on special design technique well-known as the NAXOS trick. In contrast to previous schemes, we present an eCK secure protocol in the standard model, without NAXOS trick and without knowledge of secret key (KOSK) assumption for public key registration.
more » ... he security proof of our scheme is based on standard pairing assumption, collision resistant hash functions, Bilinear Decision Diffie-Hellman (BDDH) and Decision Linear Diffie-Hellman (DLIN) assumptions, and pseudo-random functions with pairwise independent random source πPRF [30] . Although our proposed protocol is based on bilinear groups, it doesn't need any pairing operations during protocol execution.
doi:10.1007/978-3-642-33272-2_17 fatcat:lum33jpjujcb3atv6egyc3jpu4