Research Article
Efficient Secure Authenticated Key Exchange Without NAXOS’ Approach Based on Decision Linear Problem
@INPROCEEDINGS{10.1007/978-3-319-28910-6_22,
  author={Mojahed Mohamed and Xiaofen Wang and Xiaosong Zhang},
  title={Efficient Secure Authenticated Key Exchange Without NAXOS’ Approach Based on Decision Linear Problem},
  proceedings={Collaborative Computing: Networking, Applications, and Worksharing. 11th International Conference, CollaborateCom 2015, Wuhan, November 10-11, 2015, China. Proceedings},
  proceedings_a={COLLABORATECOM},
  year={2016},
  month={2},
  keywords={eCK model AKE Decision Linear assumption NAXOS’ approach},
  doi={10.1007/978-3-319-28910-6_22}
}
- Mojahed Mohamed
- Xiaofen Wang
- Xiaosong Zhang
Year: 2016
COLLABORATECOM
Springer
DOI: 10.1007/978-3-319-28910-6_22
Abstract
LaMacchia, Lauter and Mityagin [4] present a significant security model for Authenticated Key Exchange (AKE) protocols, eCK, which extends the Canetti-Krawczyk (CK) model. They devised a protocol secure in that model, called NAXOS. The eCK model allows the adversary to obtain ephemeral secret information corresponding to the test session, which complicates the security proof. To overcome this, NAXOS combines an ephemeral private key with a static private key to generate an ephemeral public key in the form . As a consequence, the discrete logarithm of an ephemeral public key is hidden via an additional random oracle. In this paper we present an AKE protocol that is secure in the eCK model under the Decision Linear (DLIN) assumption without using the NAXOS trick, with a fastened reduction. This reduces the risk of leaking the static private key, because the derivation of the ephemeral public key is independent of the static private key, in contrast to protocols that use the NAXOS approach. It also minimizes the use of the random oracle by applying it only to the session key derivation. Moreover, each ephemeral and static key has its own generator, which gives tight security for the protocol.