Chatterjee, Sanjit and Menezes, Alfred and Ustaoglu, Berkant (2011) A generic variant of NIST’s KAS2 key agreement protocol. In: ACISP'11 Proceedings of the 16th Australasian Conference on Information Security and Privacy, 2011, Heidelberg.
Full text not available from this repository. (Request a copy)Abstract
We propose a generic three-pass key agreement protocol that is based on a certain kind of trapdoor one-way function family. When specialized to the RSA setting, the generic protocol yields the so-called KAS2 scheme that has recently been standardized by NIST. On the other hand, when specialized to the discrete log setting, we obtain a new protocol which we call DH2. An interesting feature of DH2 is that parties can use different groups (e.g., different elliptic curves). The generic protocol also has a hybrid implementation, where one party has an RSA key pair and the other party has a discrete log key pair. The security of KAS2 and DH2 is analyzed in an appropriate modification of the extended Canetti-Krawczyk security model.
| Item Type: | Conference Paper |
|---|---|
| Publisher: | Springer-Verlag Berlin |
| Additional Information: | Copyright of this article belongs to Springer-Verlag Berlin. GERMANY. |
| Department/Centre: | Division of Electrical Sciences > Computer Science & Automation |
| Date Deposited: | 19 Mar 2013 09:19 |
| Last Modified: | 19 Mar 2013 09:19 |
| URI: | http://eprints.iisc.ac.in/id/eprint/46037 |
Actions (login required)
 |
View Item |
