Strongly leakage resilient authenticated key exchange, revisited

Author

Guomin YANG, Singapore Management UniversityFollow
Rongmao CHEN
Yi MU
Willy SUSILO
GUO Fuchun
Jie LI

Publication Type

Journal Article

Version

publishedVersion

Publication Date

12-2019

Abstract

Authenticated Key Exchange (AKE) protocols allow two (or multiple) parties to authenticate each other and agree on a common secret key, which is essential for establishing a secure communication channel over a public network. AKE protocols form a central component in many network security standards such as IPSec, TLS/SSL, and SSH. However, it has been demonstrated that many standardized AKE protocols are vulnerable to side-channel and key leakage attacks. In order to defend against such attacks, leakage resilient (LR-) AKE protocols have been proposed in the literature. Nevertheless, most of the existing LR-AKE protocols only focused on the resistance to long-term key leakage, while in reality leakage of ephemeral secret key (or randomness) can also occur due to various reasons such as the use of poor randomness sources or insecure pseudo-random number generators (PRNGs). In this paper, we revisit the strongly leakage resilient AKE protocol (CT-RSA'16) that aimed to resist challenge-dependent leakage on both long-term and ephemeral secret keys. We show that there is a security issue in the design of the protocol and propose an improved version that can fix the problem. In addition, we extend the protocol to a more general framework that can be efficiently instantiated under various assumptions, including hybrid instantiations that can resist key leakage attacks while preserving session key security against future quantum machines.

Keywords

Authenticated key exchange, Key leakage, Weak randomness

Discipline

Databases and Information Systems | Information Security

Research Areas

Information Systems and Management

Publication

Designs, Codes and Cryptography

Volume

87

Issue

12

First Page

2885

Last Page

2911

ISSN

0925-1022

Identifier

10.1007/s10623-019-00656-3

Publisher

Springer (part of Springer Nature): Springer Open Choice Hybrid Journals

Citation

YANG, Guomin; CHEN, Rongmao; MU, Yi; SUSILO, Willy; GUO Fuchun; and LI, Jie. Strongly leakage resilient authenticated key exchange, revisited. (2019). Designs, Codes and Cryptography. 87, (12), 2885-2911.
Available at: https://ink.library.smu.edu.sg/sis_research/7303

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

http://doi.org/10.1007/s10623-019-00656-3