Explore the vast range of titles available.

We propose the first tight security proof for the ordinary two-message signed Diffie–Hellman key exchange protocol in the random oracle model. Our proof is based on the strong computational Diffie–Hellman assumption and the multiuser security of a digital signature scheme. With our security proof, the signed DH protocol can be deployed with optimal parameters, independent of the number of users or sessions, without the need to compensate any security loss. We abstract our approach with a new notion called verifiable key exchange. In contrast to a known tight three-message variant of the signed Diffie–Hellman protocol (Gjøsteen and Jager, in: Shacham, Boldyreva (eds) CRYPTO 2018, Part II. LNCS, Springer, Heidelberg, 2018), we do not require any modification to the original protocol, and our tightness result is proven in the “Single-Bit-Guess” model which we know can be tightly composed with symmetric cryptographic primitives to establish a secure channel. Finally, we extend our approach to the group setting and construct the first tightly secure group authenticated key exchange protocol.

In recent years, the growth of vehicles in the urban areas has been massive; thus, we require a secure means via which we can monitor traffic, gain data about traffic conditions, weather, accidents, road defects, speed of the vehicle, condition of the roads, etc. VANET helps us deliver a secure and more efficient means of moni A VANET is an Ad-Hoc network, which helps in exchanging information with different entities from time to time. To ensure secure communication, we want to ensure that there is a presence of a secure session key such that an adversary is not able to gain access to privileged information. Thus, we focus on designing a probabilistic key exchange protocol that can be used in the Vehicular Ad hoc Network (VANET) setting. The proposed protocol is lightweight and is more efficient than bilinear pairing, modular exponentiation, and Elliptic Curve Cryptography. The security proof of the proposed system can be witnessed via Automated Validation of Internet Security Protocols and Applications and BAN logic.

An unresolved problem in research on authenticated key exchange (AKE) in the public-key setting is to construct a secure protocol against advanced attacks such as key compromise impersonation and maximal exposure attacks without relying on random oracles. HMQV, a state of the art AKE protocol, achieves both efficiency and the strong security proposed by Krawczyk (we call it the CK+ model), which includes resistance to advanced attacks. However, the security proof is given under the random oracle model. We propose a generic construction of AKE from a key encapsulation mechanism (KEM). The construction is based on a chosen-ciphertext secure KEM, and the resultant AKE protocol is CK+ secure in the standard model. The construction gives the first CK+ secure AKE protocols based on the hardness of integer factorization problem, code-based problems, or learning problems with errors. In addition, instantiations under the Diffie–Hellman assumption or its variant can be proved to have strong security without non-standard assumptions such as π PRF and KEA1. Furthermore, we extend the CK+ model to identity-based (called the id-CK+ model), and propose a generic construction of identity-based AKE (ID-AKE) based on identity-based KEM, which satisfies id-CK+ security. The construction leads first strongly secure ID-AKE protocols under the hardness of integer factorization problem, or learning problems with errors.

Lattice-based cryptography is one of the emerging fields of cryptography in the post-quantum world. It is resistive to quantum attacks and has performance competitive to that of prevalent cryptosystem such as Rivest–Shamir–Adleman (RSA), Diffie Hellman etc. Till now, various basic cryptographic primitives like encryption and decryption, digital signature, hash-based functions, and key exchange are proposed in lattice-based cryptography. The key exchange primitive is one of the basic cryptographic primitives of the Public Key Infrastructure (PKI). Lattices are preferably used to design provably secure reconciliation based key exchange protocols against quantum attacks. However, the literature pertaining to the study of reconciliation based key exchange protocols is limited and often the schemes are studied independently. Therefore, in this work, we have reviewed the reconciliation based key exchange schemes and classify these schemes under two different categories depending on the reconciliation mechanism used by the scheme. We also point out the basic key exchange schemes upon which all other key exchange schemes are based. We conduct a complete review, security analysis, implementation and comparison of these basic key exchange schemes.

Stateful authenticated group key exchange (stAGKE) represents an important class of authenticated group key exchange (AGKE) such as tree-based AGKE. The computation of either ephemeral public key or session key in a new stAGKE session may be based on the ephemeral secret state from some previously established session. We notice that earlier AGKE models may be not able to provide appropriate security arguments for stAGKE. In this work, a new model is proposed for stAGKE to formulate security properties in particular for resistance to the leakage attacks on ephemeral key. To be of independent interest, the new model is also flexible, which can be used for analyzing either stateless or stateful AGKE protocols. We show the validity of our model by introducing a new tree-based protocol construction for stAGKE. The proposed scheme is proven secure in our new proposed model without random oracles.

Strongly asymmetric public key agreement (SAPKA) is a class of key exchange between Alice and Bob that was introduced in 2011. The greatest difference from the standard PKA algorithms is that Bob constructs multiple public keys and Alice uses one of these to calculate her public key and her secret shared key. Therefore, the number of public keys and calculation rules for each key differ for each user. Although algorithms with high security and computational efficiency exist in this class, the relation between the parameters of SAPKA and its security and computational efficiency has not yet been fully clarified. Therefore, our main objective in this study was to classify the SAPKA algorithms according to their properties. By attempting algorithm attacks, we found that certain parameters are more strongly related to the security. On this basis, we constructed concrete algorithms and a new subclass of SAPKA, in which the responsibility of maintaining security is significantly more associated with the secret parameters of Bob than those of Alice. Moreover, we demonstrate 1. insufficient but necessary conditions for this subclass, 2. inclusion relations between the subclasses of SAPKA, and 3. concrete examples of this sub-class with reports of implementational experiments.

The group key exchange protocol is a cryptographic mechanism is designed to provide a common session key for a group, there are some common challenges to this type of algorithm as computation and communication cost. Whenever the involvement of high computation and communication operations to the algorithms encounter, then the system with low configuration always faces problem in major time delay. The proposed approach is designed specifically to provide computation and communication efficient algorithms for low configuration systems without violating the security. For making our approach computationally efficient, we replaced modular exponential operation by modular multiplication operation, helpful for low configuration system making task early. For making our approach communication efficient, we used the divide and conquer mechanism to reduced the message transmission cost. The major task is to generate a common session key for the group in less computation time for a low configuration system without violating the security. The RSA algorithm assuring security with constant computation cost while the modular multiplication operation, assuring the less computation cost for low configuration system. The major limitation of the study as the approach is more efficient and applicable for low configuration system only, if comparing the existing approaches with the low configuration system.

In view of the expected cryptanalysis (of both classical and quantum adversaries), it is important to find alternatives for currently used cryptographic primitives. In the past years, several authenticated key exchange protocols (AKE) that base their security on presumably quantum hard problems, such as lattice-based AKEs, were proposed. Since very different proposals for generic AKEs as well as direct AKEs, i.e., protocols directly based on lattice-based problems without additional authentication, exist, the performance of lattice-based AKEs is not evaluated and compared thoroughly. In particular, it is an open question whether the direct constructions are more efficient than generic approaches as it is often the case for other primitives. In this paper, we fill this gap. We compare existing lattice-based authenticated key exchange protocols, generic and direct. Therefore, we first find the most efficient suitable primitives to instantiate the generic protocols. Afterward, we choose parameters for each AKE yielding approximately 100 or 192 bits of security. We implement all protocols using the same libraries and compare the resulting performance. We find that our instantiation of the AKE by Peikert (PQCrypto, 2014) is the most efficient lattice-based AKE. Particularly, it is faster than the direct AKE by Zhang et al. (EUROCRYPT, 2015).

We present the first provably-secure three-party password-only authenticated key exchange (PAKE) protocol that can run in only two communication rounds. Our protocol is generic in the sense that it can be constructed from any two-party PAKE protocol. The protocol is proven secure in a variant of the widely-accepted model of Bellare, Pointcheval and Rogaway (2000) without any idealized assumptions on the cryptographic primitives used. We also investigate the security of the two-round, three-party PAKE protocol of Wang, Hu and Li (2010) and demonstrate that this protocol cannot achieve implicit key authentication in the presence of an active adversary.

In the rapidly evolving landscape of wireless communication, the traditional model of data exchange predominantly relies on a centralized infrastructure, where all communications, even between nearby devices, are routed through a base station (BS) and potentially the core network. Device-to-device (D2D) communication emerges as a transformative paradigm that challenges this conventional model. The concept of D2D communication has gained considerable traction, especially with the advent of 4G LTE and its crucial role in 5G and beyond. D2D aims to unlock numerous benefits, including improved spectral efficiency, increased throughput, reduced latency, enhanced energy efficiency, and better network offloading. In this paper, we focus on secure D2D communication using D2D-ECDH key exchange protocol with blockchain smart contracts along with blockchain Verkle tree data structure. This approach helps to improve secure communication between IoT devices and avoids Man-in-the-Middle (MITM) attacks, replay attacks, and central points of failure. The Verkle tree approach provides a smaller proof size to verify the root commitment value compared to the traditional Merkle tree data structure. The simulation has been executed in both Python and Solidity coding. Python has executed in VS Code generator, and Solidity code has executed in Remix IDE, Ethereum network V0.65.0. The Remix IDE was developed in Ganache V2.7.1 for blockchain smart contracts. Compared to the traditional Merkle tree approach, the Verkle tree provides less proof size up to 33 times.