Proceedings of the 8th ACM Conference on Computer and Communications Security 2001
DOI: 10.1145/501983.502018
|View full text |Cite
|
Sign up to set email alerts
|

Provably authenticated group Diffie-Hellman key exchange

Abstract: Group Diffie-Hellman protocols for Authenticated Key Exchange (AKE) are designed to provide a pool of players with a shared secret key which may later be used, for example, to achieve multicast message integrity. Over the years, several schemes have been offered. However, no formal treatment for this cryptographic problem has ever been suggested. In this paper, we present a security model for this problem and use it to precisely define AKE (with "implicit" authentication) as the fundamental goal, and the entit… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
145
0

Year Published

2010
2010
2019
2019

Publication Types

Select...
5
2

Relationship

1
6

Authors

Journals

citations
Cited by 251 publications
(145 citation statements)
references
References 28 publications
0
145
0
Order By: Relevance
“…Bresson et al [10] were the first to formalize the security model for group key agreement protocols. Their model is based on the previous security model for key agreement protocols between two or three parties [1,2,4].…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…Bresson et al [10] were the first to formalize the security model for group key agreement protocols. Their model is based on the previous security model for key agreement protocols between two or three parties [1,2,4].…”
Section: Related Workmentioning
confidence: 99%
“…The first security model for AGKA protocols was presented by Wu et al [25], derived from the security model for conventional GKA protocols [10]. We note that the security model in [25] only considers passive attackers.…”
Section: Security Modelmentioning
confidence: 99%
“…Security of key exchange protocols is usually defined with the requirement of Authenticated Key Exchange (AKE) security; see [3,14,15,26] for the 2KE case and [8,10,18,21,22] for the GKE case. AKE-security models the indistinguishability of the established session group key with respect to an active adversary treated as an external entity from the perspective of the attacked session.…”
Section: Related Workmentioning
confidence: 99%
“…In other words the simulation aborts if A outputs a successful forgery. Following the classical reductionist argument (see for instance [8]) we can build a forger against the signature scheme and upper-bound the probability difference…”
Section: A Proof Of Theoremmentioning
confidence: 99%
See 1 more Smart Citation