2008 | OriginalPaper | Buchkapitel
Beyond Secret Handshakes: Affiliation-Hiding Authenticated Key Exchange
verfasst von : Stanisław Jarecki, Jihye Kim, Gene Tsudik
Erschienen in: Topics in Cryptology – CT-RSA 2008
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Public key based authentication and key exchange protocols are not usually designed with privacy in mind and thus involve cleartext exchanges of identities and certificates before actual authentication. In contrast, an Affiliation-Hiding Authentication Protocol, also called a
Secret Handshake
, allows two parties with certificates issued by the same organization to authenticate each other in a
private
way. Namely, one party can prove to the other that it has a valid organizational certificate, yet this proof hides the identity of the issuing organization unless the other party also has a valid certificate from the same organization.
We consider a very strong notion of Secret Handshakes, namely
Affiliation-Hiding Authenticated Key Exchange
protocols (AH-AKE), which guarantee security under arbitrary composition of protocol sessions, including man-in-the-middle attacks. The contribution of our paper is three-fold: First, we extend existing notions of AH-AKE security to Perfect Forward Secrecy (PFS), which guarantees session security even if its participants are later corrupted or any other sessions are compromised. Second, in parallel to PFS security, we specify the exact level of privacy protection, which we call
Linkable Affiliation-Hiding
(LAH), that an AH-AKE protocol can provide in the face of player corruptions and session compromises. Third, we show an AH-AKE protocol that achieves both PFS and LAH properties, under the RSA assumption in ROM, at minimal costs of 3 communication rounds and two (multi)exponentiations per player.