Intrusion-resilient key exchange in the bounded retrieval model

46Citations
Citations of this article
42Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We construct an intrusion-resilient symmetric-key authenticated key exchange (AKE) protocol in the bounded retrieval model. The model employs a long shared private key to cope with an active adversary who can repeatedly compromise the user's machine and perform any efficient computation on the entire shared key. However, we assume that the attacker is communication bounded and unable to retrieve too much information during each successive break-in. In contrast, the users read only a small portion of the shared key, making the model quite realistic in situations where storage is much cheaper than bandwidth. The problem was first studied by Dziembowski [Dzi06a], who constructed a secure AKE protocol using random oracles. We present a general paradigm for constructing intrusion-resilient AKE protocols in this model, and show how to instantiate it without random oracles. The main ingredients of our construction are UC-secure password authenticated key exchange and tools from the bounded storage model. © International Association for Cryptologic Research 2007.

Cite

CITATION STYLE

APA

Cash, D., Ding, Y. Z., Dodis, Y., Lee, W., Lipton, R., & Walfish, S. (2007). Intrusion-resilient key exchange in the bounded retrieval model. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4392 LNCS, pp. 479–498). Springer Verlag. https://doi.org/10.1007/978-3-540-70936-7_26

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free