Toggle Main Menu Toggle Search

Open Access padlockePrints

On robust key agreement based on public key authentication

Lookup NU author(s): Professor Feng Hao


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


This paper discusses public-key authenticated key agreement protocols. First, we critically analyze several authenticatedkey agreement protocols and uncover various theoretical and practical flaws. In particular, we present two new attacks onthe HMQV protocol, which is currently being standardized by IEEE P1363. These attacks suggest the caution one shouldtake when interpreting theoretical results from a formal model. We further point out that many of the protocol failures inthe past are caused by sidestepping an important engineering principle, namely “Do not assume that a message you receivehas a particular form (such as g^r for known r) unless you can check this”. Constructions in the past generally resistedthis principle on the grounds of efficiency: checking the knowledge of the exponent is commonly seen as too expensive.In a concrete example, we demonstrate how to effectively integrate the zero-knowledge proof primitive into the protocoldesign and meanwhile achieve good efficiency. Our new key agreement protocol, YAK, has comparable computationalefficiency to the MQV and HMQV protocols with clear advantages on security. Among all the related techniques, ourprotocol appears to be the simplest so far. We believe simplicity is also an important engineering principle.

Publication metadata

Author(s): Hao F

Publication type: Article

Publication status: Published

Journal: Security and Communication Networks

Year: 2014

Volume: 7

Issue: 1

Pages: 77-87

Print publication date: 01/01/2014

Online publication date: 18/04/2012

Acceptance date: 01/01/1900

ISSN (print): 1939-0114

ISSN (electronic): 1939-0122

Publisher: John Wiley & Sons, Inc.


DOI: 10.1002/sec.550


Altmetrics provided by Altmetric