2005 | OriginalPaper | Chapter
On the Security of the Canetti-Krawczyk Model
Authors : Xinghua Li, Jianfeng Ma, SangJae Moon
Published in: Computational Intelligence and Security
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
The Canetti-Krawczyk (CK) model is a formal method to design and analyze of key agreement protocols, and these protocols should have some desirable security attributes. In this paper, the relationship between the CK model and the desirable security attributes for a key agreement protocol is analyzed. The conclusions indicate that: (1) protocols designed and proved secure by the CK model offer almost all the security attributes, such as perfect forward secrecy (PFS), loss of information, known-key security, key-compromise impersonation and unknown key-share, but the attribute of key control; (2) loss of information and key-compromise impersonation can be guaranteed by the first requirement of the security definition (SK-security) in the CK model, while PFS and known-key security by the second requirement, and unknown key-share can be ensured by either the requirement. Thereafter, the advantages and disadvantages of the CK model are presented.