TY - GEN
T1 - Efficient UC-secure authenticated key-exchange for algebraic languages
AU - Ben Hamouda, Fabrice
AU - Blazy, Olivier
AU - Chevalier, Céline
AU - Pointcheval, David
AU - Vergnaud, Damien
PY - 2013/1/1
Y1 - 2013/1/1
N2 - Authenticated Key Exchange (AKE) protocols enable two parties to establish a shared, cryptographically strong key over an insecure network using various authentication means, such as cryptographic keys, short (i.e., low-entropy) secret keys or credentials. In this paper, we provide a general framework, that encompasses several previous AKE primitives such as (Verifier-based) Password-Authenticated Key Exchange or Secret Handshakes, we call LAKE for Language-Authenticated Key Exchange. We first model this general primitive in the Universal Composability (UC) setting. Thereafter, we show that the Gennaro-Lindell approach can efficiently address this goal. But we need smooth projective hash functions on new languages, whose efficient implementations are of independent interest. We indeed provide such hash functions for languages defined by combinations of linear pairing product equations. Combined with an efficient commitment scheme, that is derived from the highly-efficient UC-secure Lindell's commitment, we obtain a very practical realization of Secret Handshakes, but also Credential-Authenticated Key Exchange protocols. All the protocols are UC-secure, in the standard model with a common reference string, under the classical Decisional Linear assumption.
U2 - 10.1007/978-3-642-36362-7_18
DO - 10.1007/978-3-642-36362-7_18
M3 - Conference contribution
AN - SCOPUS:84873940531
SN - 9783642363610
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 272
EP - 291
BT - Public-Key Cryptography, PKC 2013 - 16th International Conference on Practice and Theory in Public-Key Cryptography, Proceedings
PB - Springer Verlag
T2 - 16th International Conference on Practice and Theory in Public-Key Cryptography, PKC 2013
Y2 - 26 February 2013 through 1 March 2013
ER -