Modular approach to the design and analysis of authentication and key exchange protocols

Mihir Bellare*, Ran Canetti, Hugo Krawczyk

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

Abstract

We present a general framework for constructing and analyzing authentication protocols in realistic models of communication networks. This framework provides a sound formalization for the authentication problem and suggests simple and attractive design principles for general authentication and key exchange protocols. The key element in our approach is a modular treatment of the authentication problem in cryptographic protocols; this applies to the definition of security, to the design of the protocols, and to their analysis. In particular, following this modular approach, we show how to systematically transform solutions that work in a model of idealized authenticated communications into solutions that are secure in the realistic setting of communication channels controlled by an active adversary. Using these principles we construct and prove the security of simple and practical authentication and key-exchange protocols. In particular, we provide a security analysis of some well-known key exchange protocols (e.g. authenticated Diffie-Hellman key exchange), and of some of the techniques underlying the design of several authentication protocols that are currently being deployed on a large scale for the Internet Protocol and other applications.

Original languageEnglish
Pages (from-to)419-428
Number of pages10
JournalConference Proceedings of the Annual ACM Symposium on Theory of Computing
StatePublished - 1998
Externally publishedYes
EventProceedings of the 1998 30th Annual ACM Symposium on Theory of Computing - Dallas, TX, USA
Duration: 23 May 199826 May 1998

Fingerprint

Dive into the research topics of 'Modular approach to the design and analysis of authentication and key exchange protocols'. Together they form a unique fingerprint.

Cite this