
Modeling noise-accepting key exchange. (English) Zbl 1540.94062

Esser, Andre (ed.) et al., Code-based cryptography. 11th international workshop, CBCrypto 2023, Lyon, France, April 22–23, 2023. Revised selected papers. Cham: Springer. Lect. Notes Comput. Sci. 14311, 104-124 (2023).
Summary: In this paper we use code-based public key encryption schemes to construct key exchange protocols that are suitable for use in the presence of transmission bit-errors, such as in mobile ad hoc networks.
Building upon the security model by M. Bellare and P. Rogaway [CRYPTO’93, Lect. Notes Comput. Sci. 773, 232–249 (1994; Zbl 0870.94019)], we let instances that have matching conversations up to a certain error bound generate the same session key. In order to prevent an adversary from trivially attacking the schemes, a relaxed version of matching conversation is introduced and shown to be well-defined.
To validate our model we show that the introduced security model can be reduced to the original Bellare-Rogaway security model. Additionally, we prove that the naive and obvious solution of adding error correction to a key exchange protocol does not affect the security of the protocol.
Finally, we introduce the concept of error-resistant asymmetric schemes and key encapsulations. Then, through a modified Fujisaki-Okamoto transform, we show that a probabilistic error-resistant asymmetric scheme can be transformed into an error-resistant key encapsulation mechanism (KEM). A key exchange protocol construction based on the transformed KEMs is then presented and proven secure.
For the entire collection see [Zbl 1539.94001].
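The summary describes two ideas that are easy to see in code: a "matching conversation" relaxed to a Hamming-distance bound, and the naive fix of wrapping the protocol's messages in an error-correcting code so that partners whose views differ by a few bit flips still derive the same session key. The following is an added example, not the paper's construction (which is code-based and not spelled out in this summary) and not the authors' code. It assumes a Hamming(7,4) block code as the error correction, an unauthenticated toy Diffie-Hellman exchange (toy modulus, no security claim) as the protocol run over the noisy link, constructed bit-flip positions as the channel, and a reading of the relaxed matching predicate as "total Hamming distance between what each side sent and what the other received is at most the bound", which is this example's own simplification of the paper's definition.

```python
import hashlib
from typing import List, Tuple

# --- Hamming(7,4): one 4-bit nibble -> 7-bit codeword, corrects any single bit error per block.
# Codeword layout (1-indexed positions): p1 p2 d1 p3 d2 d3 d4; parity bit p_k sits at position 2^(k-1).

def hamming74_encode(nibble: int) -> List[int]:
    d1, d2, d3, d4 = [(nibble >> i) & 1 for i in (3, 2, 1, 0)]
    p1 = d1 ^ d2 ^ d4          # covers positions 1,3,5,7
    p2 = d1 ^ d3 ^ d4          # covers positions 2,3,6,7
    p3 = d2 ^ d3 ^ d4          # covers positions 4,5,6,7
    return [p1, p2, d1, p3, d2, d3, d4]

def hamming74_decode(block: List[int]) -> int:
    b = list(block)
    s1 = b[0] ^ b[2] ^ b[4] ^ b[6]
    s2 = b[1] ^ b[2] ^ b[5] ^ b[6]
    s3 = b[3] ^ b[4] ^ b[5] ^ b[6]
    err_pos = s1 | (s2 << 1) | (s3 << 2)   # 0 = clean, else 1-indexed position of the flipped bit
    if err_pos:
        b[err_pos - 1] ^= 1                # two or more flips in one block are mis-corrected silently
    return (b[2] << 3) | (b[4] << 2) | (b[5] << 1) | b[6]

def ecc_encode(msg: bytes) -> List[int]:
    bits: List[int] = []
    for byte in msg:
        bits += hamming74_encode(byte >> 4) + hamming74_encode(byte & 0xF)
    return bits

def ecc_decode(bits: List[int]) -> bytes:
    out = bytearray()
    for i in range(0, len(bits), 14):
        out.append((hamming74_decode(bits[i:i + 7]) << 4) | hamming74_decode(bits[i + 7:i + 14]))
    return bytes(out)

# --- Noisy channel (constructed) and the relaxed "matching conversation" predicate.

def flip_bits(bits: List[int], positions: List[int]) -> List[int]:
    """Constructed channel model: flips exactly the listed bit positions."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def hamming_distance(a: List[int], b: List[int]) -> int:
    return sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))

View = Tuple[List[int], List[int]]   # (bits this party sent, bits this party received)

def conversations_match(view_a: View, view_b: View, bound: int) -> bool:
    """Relaxed matching (this example's simplification): what each side received differs from
    what the other sent by at most `bound` bit positions in total. bound = 0 is the classical
    Bellare-Rogaway notion of matching conversations."""
    sent_a, recv_a = view_a
    sent_b, recv_b = view_b
    return hamming_distance(sent_a, recv_b) + hamming_distance(sent_b, recv_a) <= bound

# --- Toy key exchange: unauthenticated Diffie-Hellman with toy parameters (no security claim);
# it only stands in for whatever protocol is run over the noisy link.

P = (1 << 127) - 1   # Mersenne prime, chosen only so that public values fit in 16 bytes
G = 3

def derive_key(shared: int) -> bytes:
    return hashlib.sha256(b"toy-kex|" + shared.to_bytes(16, "big")).digest()

def run_exchange(x_a: int, x_b: int, flips_a_to_b: List[int], flips_b_to_a: List[int]):
    """Runs one exchange over a channel that flips the given positions in each direction.
    Returns (key_a, key_b, view_a, view_b)."""
    wire_a = ecc_encode(pow(G, x_a, P).to_bytes(16, "big"))
    wire_b = ecc_encode(pow(G, x_b, P).to_bytes(16, "big"))
    recv_b = flip_bits(wire_a, flips_a_to_b)   # B's noisy copy of A's message
    recv_a = flip_bits(wire_b, flips_b_to_a)   # A's noisy copy of B's message
    # Each side corrects what it received before using it; errors within the code's
    # capability are removed, so both sides compute the same shared value.
    key_a = derive_key(pow(int.from_bytes(ecc_decode(recv_a), "big"), x_a, P))
    key_b = derive_key(pow(int.from_bytes(ecc_decode(recv_b), "big"), x_b, P))
    return key_a, key_b, (wire_a, recv_a), (wire_b, recv_b)

if __name__ == "__main__":
    xa, xb = 0x123456789ABC, 0xFEDCBA987654
    # One flipped bit per 7-bit block: corrected, keys agree, views match within bound 3.
    ka, kb, va, vb = run_exchange(xa, xb, [0, 9], [3])
    print(ka == kb, conversations_match(va, vb, 3))
    # Two flipped bits inside one block: Hamming(7,4) mis-corrects, keys disagree, yet the
    # views still match within bound 2, so a bound stated as total distance is unsound for this code.
    ka, kb, va, vb = run_exchange(xa, xb, [0, 1], [])
    print(ka == kb, conversations_match(va, vb, 2))
```

The second run is the check a practitioner should make before adopting any "matching up to an error bound" definition: the bound in the model must be no looser than the error patterns the chosen code actually corrects, otherwise two instances the model calls partners can end up with different keys and the correctness requirement of the model fails even without an adversary.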

MSC:

94A60 Cryptography

Citations:

Zbl 0870.94019

Software:

McEliece

References:

[1] Albrecht, M.R., et al.: Classic McEliece: conservative code-based cryptography. https://classic.mceliece.org/nist/mceliece-20201010.pdf
[2] Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) Advances in Cryptology - CRYPTO 1993. LNCS, vol. 773, pp. 232-249. Springer, Heidelberg (1994). Zbl 0870.94019. doi:10.1007/3-540-48329-2_21
[3] Day, J., Zimmermann, H.: The OSI reference model. Proc. IEEE 71(12), 1334-1340 (1983). doi:10.1109/PROC.1983.12775
[4] Eddy, W.: Transmission Control Protocol (TCP). RFC 9293, August 2022. doi:10.17487/RFC9293, https://www.rfc-editor.org/info/rfc9293
[5] Gligoroski, D., Knapskog, S.J., Andova, S.: Cryptcoding - encryption and error-correction coding in a single step. In: Security and Management (2006)
[6] Hofheinz, D., Hövelmanns, K., Kiltz, E.: A modular analysis of the Fujisaki-Okamoto transformation. In: Kalai, Y., Reyzin, L. (eds.) Theory of Cryptography, TCC 2017, pp. 341-371. Springer, Cham (2017). Zbl 1410.94082. doi:10.1007/978-3-319-70500-2_12
[7] Huffman, W.C., Pless, V.: Fundamentals of Error-Correcting Codes. Cambridge University Press, Cambridge (2003). Zbl 1099.94030
[8] Kobara, K., Imai, H.: On the one-wayness against chosen-plaintext attacks of the Loidreau's modified McEliece PKC. IEEE Trans. Inf. Theory 49(12), 3160-3168 (2003). Zbl 1245.94077. doi:10.1109/TIT.2003.820016
[9] Lauter, K., Mityagin, A.: Security analysis of KEA authenticated key exchange protocol. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) Public Key Cryptography - PKC 2006, pp. 378-394. Springer, Heidelberg (2006). Zbl 1151.94532. doi:10.1007/11745853_25
[10] Li, B., Micciancio, D.: On the security of homomorphic encryption on approximate numbers. In: Canteaut, A., Standaert, F.-X. (eds.) Advances in Cryptology - EUROCRYPT 2021, pp. 648-677. Springer, Cham (2021). Zbl 1479.94211. doi:10.1007/978-3-030-77870-5_23
[11] Li, Y., Schäge, S.: No-match attacks and robust partnering definitions: defining trivial attacks for security protocols is not trivial. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 1343-1360. Association for Computing Machinery, New York, NY, USA (2017). doi:10.1145/3133956.3134006
[12] Lien, Y.N., Jang, H.C., Tsai, T.C.: A MANET based emergency communication and information system for catastrophic natural disasters. In: 2009 29th IEEE International Conference on Distributed Computing Systems Workshops, pp. 412-417 (2009). doi:10.1109/ICDCSW.2009.72
[13] McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. Deep Space Network Progress Report, pp. 114-116 (1978)
[14] Postel, J.: User Datagram Protocol. RFC 768, August 1980. doi:10.17487/RFC0768, https://www.rfc-editor.org/info/rfc768
[15] Quispe, L.E., Mengual, L.: Behavior of Ad Hoc routing protocols, analyzed for emergency and rescue scenarios, on a real urban area. Expert Syst. Appl. 41, 2565-2573 (2014). doi:10.1016/j.eswa.2013.10.004
[16] Rao, T.R.N.: Joint encryption and error correction schemes. SIGARCH Comput. Archit. News 12(3), 240-241 (1984). doi:10.1145/773453.808188
[17] TCCA: Voice & data. https://tcca.info/tetra/tetra-your-service/voice-data/