A note on chosen-basis decisional diffie-hellman assumptions

Abstract

This note discusses two Decisional Diffie-Hellman assumption variants introduced by Abdalla and Pointcheval at Financial Cryptography' 05. Those authors introduce two new problems and associated assumptions called the Chosen-Basis Decisional Diffie-Hellman assumption #1 (CDDH1), and the Chosen-Basis Decisional Diffie-Hellman assumption #2 (CDDH2), and suggest that these assumptions warrant further analysis. The problems are each defined in terms of a formal experiment, and advantage function, and the assumption is that an adversary should have negligible advantage. However, in this note, we exhibit a simple adversary for each problem, such that the advantage is significant. These new assumptions were motivated by the requirements of a proof of security for a three-party password authentication scheme described by the same authors. We conclude that the level of security assurance provided by this scheme is an open question. © IFCA/Springer-Verlag Berlin Heidelberg 2006.