Advertisement
Published in:
2014 | OriginalPaper | Chapter
Universally Composable Non-Interactive Key Exchange
Authors : Eduarda S. V. Freire, Julia Hesse, Dennis Hofheinz
Published in: Security and Cryptography for Networks
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We consider the notion of a
non-interactive key exchange (NIKE)
. A NIKE scheme allows a party
A
to compute a common shared key with another party
B
from
B
’s public key and
A
’s secret key alone. This computation requires no interaction between
A
and
B
, a feature which distinguishes NIKE from regular (i.e., interactive) key exchange not only quantitatively, but also qualitatively.
Our first contribution is a formalization of NIKE protocols as ideal functionalities in the Universal Composability (UC) framework. As we will argue, existing NIKE definitions (all of which are game-based) do not support a modular analysis either of NIKE schemes themselves, or of the use of NIKE schemes. We provide a simple and natural UC-based NIKE definition that allows for a modular analysis both of NIKE schemes and their use in larger protocols.
We investigate the properties of our new definition, and in particular its relation to existing game-based NIKE definitions. We find that
(a) game-based NIKE security is equivalent to UC-based NIKE security against
static
corruptions, and
(b) UC-NIKE security against adaptive corruptions
cannot
be achieved without additional assumptions (but
can
be achieved in the random oracle model).
Our results suggest that our UC-based NIKE definition is a useful and simple abstraction of non-interactive key exchange.