International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I

Research Article

Improving the Security of the HMQV Protocol Using Tamper-Proof Hardware

Download
293 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-23829-6_24,
        author={Qianying Zhang and Shijun Zhao and Yu Qin and Dengguo Feng},
        title={Improving the Security of the HMQV Protocol Using Tamper-Proof Hardware},
        proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I},
        proceedings_a={SECURECOMM},
        year={2015},
        month={11},
        keywords={Authenticated Key Exchange Full PFS Tamper-Proof hardware Physical assumption HMQV CK model},
        doi={10.1007/978-3-319-23829-6_24}
    }
    
  • Qianying Zhang
    Shijun Zhao
    Yu Qin
    Dengguo Feng
    Year: 2015
    Improving the Security of the HMQV Protocol Using Tamper-Proof Hardware
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-23829-6_24
Qianying Zhang1,*, Shijun Zhao1,*, Yu Qin1,*, Dengguo Feng1,*
  • 1: Institute of Software, Chinese Academy of Sciences
*Contact email: zsjzqy@gmail.com, zhaosj@tca.iscas.ac.cn, qin_yu@tca.iscas.ac.cn, feng@tca.iscas.ac.cn

Abstract

The full Perfect Forward Secrecy (PFS) is an important security property for Authenticated Key Exchange (AKE) protocols. Unfortunately, Krawczyk has claimed that any one-round implicitly authenticated key exchange protocol could not achieve full PFS but only weak PFS. Although some solutions are proposed in the literature, their protocols maintain secure only in the cases of additional authentication and a constrained adversary. In this paper, we investigate the question of whether tamper-proof hardware can circumvent the full PFS deficiency of one-round implicitly authenticated key exchange protocols. We answer this question in the affirmative by formally proving that the most efficient one-round implicitly authenticated key exchange protocol, HMQV, achieves full PFS under the physical assumption of regarding the existence of tamper-proof hardware.