The Canetti-Krawczyk (CK) and extended Canetti-Krawczyk (eCK) security models, are widely used to provide security arguments for key agreement protocols. We discuss security shades in the (e)CK models, and some practical attacks unconsidered in (e)CK-security arguments. We propose a strong security model which encompasses the eCK one. We also propose a new protocol, called Strengthened MQV (SMQV), which in addition to provide the same efficiency as the (H)MQV protocols, is particularly suited for distributed implementations wherein a tamper-proof device is used to store long-lived keys, while session keys are used on an untrusted host machine. The SMQV protocol meets our security definition under the Gap Diffie-Hellman assumption and the Random Oracle model. © 2010 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Sarr, A. P., Elbaz-Vincent, P., & Bajard, J. C. (2010). A new security model for authenticated key agreement. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6280 LNCS, pp. 219–234). https://doi.org/10.1007/978-3-642-15317-4_15
Mendeley helps you to discover research relevant for your work.