Anonymity and one-way authentication in key exchange protocols
Goldberg, Ian, Ustaoglu, Berkant, & Stebila, Douglas (2012) Anonymity and one-way authentication in key exchange protocols. Designs, Codes and Cryptography, 67(2), pp. 245-269.
Key establishment is a crucial cryptographic primitive for building secure communication channels between two parties in a network. It has been studied extensively in theory and widely deployed in practice. In the research literature a typical protocol in the public-key setting aims for key secrecy and mutual authentication. However, there are many important practical scenarios where mutual authentication is undesirable, such as in anonymity networks like Tor, or is difficult to achieve due to insufficient public-key infrastructure at the user level, as is the case on the Internet today. In this work we are concerned with the scenario where two parties establish a private shared session key, but only one party authenticates to the other; in fact, the unauthenticated party may wish to have strong anonymity guarantees. We present a desirable set of security, authentication, and anonymity goals for this setting and develop a model which captures these properties. Our approach allows for clients to choose among different levels of authentication. We also describe an attack on a previous protocol of Øverlier and Syverson, and present a new, efficient key exchange protocol that provides one-way authentication and anonymity.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
|Item Type:||Journal Article|
|Additional Information:||Springer OnlineFirst publication|
|Keywords:||Key exchange, One-way authentication, Anonymity, Tor network, Protocols, Security models, Cryptography|
|Subjects:||Australian and New Zealand Standard Research Classification > MATHEMATICAL SCIENCES (010000) > PURE MATHEMATICS (010100) > Combinatorics and Discrete Mathematics (excl. Physical Combinatorics) (010104)
Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Encryption (080402)
|Divisions:||Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Past > Schools > Mathematical Sciences
|Copyright Owner:||Copyright 2012 Springer Science+Business Media, LLC|
|Copyright Statement:||The original publication is available at SpringerLink http://www.springerlink.com|
|Deposited On:||24 Jan 2012 22:55|
|Last Modified:||02 May 2013 18:03|
Repository Staff Only: item control page