2017
DOI: 10.1007/s10623-017-0337-5
|View full text |Cite
|
Sign up to set email alerts
|

Strengthening the security of authenticated key exchange against bad randomness

Abstract: Recent history has revealed that many random number generators (RNGs) used in cryptographic algorithms and protocols were not providing appropriate randomness, either by accident or on purpose. Subsequently, researchers have proposed new algorithms and protocols that are less dependent on the random number generator. One exception is that all prominent authenticated key exchange (AKE) protocols are insecure given bad randomness, even when using good long-term keying material.We analyse the security of AKE prot… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
14
0

Year Published

2017
2017
2023
2023

Publication Types

Select...
6

Relationship

0
6

Authors

Journals

citations
Cited by 10 publications
(14 citation statements)
references
References 24 publications
0
14
0
Order By: Relevance
“…Mohammad et al proposed a new two‐pass AKA with key confirmation protocol which uses a verification mechanism in its block in order to provide entity authentication, assurance for key reception in an indirect way, and PFS 15 ; therefore, it can provide security properties as the three‐pass AKA protocol 36 . Feltz and Cremers analyzed the security of AKA protocols against strong adversaries that can perform chosen‐randomness attacks 17 …”
Section: The Security Models and The Proposed Ecke Modelmentioning
confidence: 99%
See 3 more Smart Citations
“…Mohammad et al proposed a new two‐pass AKA with key confirmation protocol which uses a verification mechanism in its block in order to provide entity authentication, assurance for key reception in an indirect way, and PFS 15 ; therefore, it can provide security properties as the three‐pass AKA protocol 36 . Feltz and Cremers analyzed the security of AKA protocols against strong adversaries that can perform chosen‐randomness attacks 17 …”
Section: The Security Models and The Proposed Ecke Modelmentioning
confidence: 99%
“…Self‐communication enables the AKA protocol to withstand wormhole attacks. Mutual authentication : It is a process in which both entities in a communication link authenticate each other in a communication model. The secret information in the session state includes the ephemeral private key, computed ephemeral shared key, and ephemeral signature secret. In practice, such leakage of ephemeral secret information in the session state may occur by the use of a weak random number generator, by a side‐channel attacks, or if the adversary is able to physically extract the secret information from a party's memory 16,17, 23,34,35, 43 …”
Section: The Security Models and The Proposed Ecke Modelmentioning
confidence: 99%
See 2 more Smart Citations
“…The next solution from [37], addressing similar problem, results in 2-round protocol which still is not eKCI resistant. Another 2-round protocol from [38], addressing the "bad randomness" problem for pseudorandom number generators in user devices, is also not eKCI resistant. Another AKE construction, secure without ROM under the hardness of integer factorization problem, code-based problems, or learning with errors problems, was proposed in [39].…”
Section: Previous Workmentioning
confidence: 99%