2014 | OriginalPaper | Buchkapitel
Universally Composable Non-Interactive Key Exchange
verfasst von: Eduarda S. V. Freire, Julia Hesse, Dennis Hofheinz
Erschienen in: Security and Cryptography for Networks
Verlag: Springer International Publishing
We consider the notion of a
non-interactive key exchange (NIKE)
. A NIKE scheme allows a party
A
to compute a common shared key with another party
B
from
B
’s public key and
A
’s secret key alone. This computation requires no interaction between
A
and
B
, a feature which distinguishes NIKE from regular (i.e., interactive) key exchange not only quantitatively, but also qualitatively.
Our first contribution is a formalization of NIKE protocols as ideal functionalities in the Universal Composability (UC) framework. As we will argue, existing NIKE definitions (all of which are game-based) do not support a modular analysis either of NIKE schemes themselves, or of the use of NIKE schemes. We provide a simple and natural UC-based NIKE definition that allows for a modular analysis both of NIKE schemes and their use in larger protocols.
We investigate the properties of our new definition, and in particular its relation to existing game-based NIKE definitions. We find that
(a) game-based NIKE security is equivalent to UC-based NIKE security against
static
corruptions, and
(b) UC-NIKE security against adaptive corruptions
cannot
be achieved without additional assumptions (but
can
be achieved in the random oracle model).
Our results suggest that our UC-based NIKE definition is a useful and simple abstraction of non-interactive key exchange.