Nothing Special   »   [go: up one dir, main page]
Skip to main content
SpringerLink
Log in

On the Security of the Canetti-Krawczyk Model

  • Conference paper
Computational Intelligence and Security (CIS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3802))

Included in the following conference series:

Abstract

The Canetti-Krawczyk (CK) model is a formal method to design and analyze of key agreement protocols, and these protocols should have some desirable security attributes. In this paper, the relationship between the CK model and the desirable security attributes for a key agreement protocol is analyzed. The conclusions indicate that: (1) protocols designed and proved secure by the CK model offer almost all the security attributes, such as perfect forward secrecy (PFS), loss of information, known-key security, key-compromise impersonation and unknown key-share, but the attribute of key control; (2) loss of information and key-compromise impersonation can be guaranteed by the first requirement of the security definition (SK-security) in the CK model, while PFS and known-key security by the second requirement, and unknown key-share can be ensured by either the requirement. Thereafter, the advantages and disadvantages of the CK model are presented.

Research supported by the National Natural Science Foundation of China (Grant No. 90204012), the National “863” High-tech Project of China (Grant No. 2002AA143021), the Excellent Young Teachers Program of Chinese Ministry of Education, the Key Project of Chinese Ministry of Education, and the University IT Research Center Project of Korea.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Canetti, R., Krawczyk, H.: Advances in Cryptology Eurocrypt 2001, Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Boyd, C., Mao, W., Paterson, K.: Key Agreement using Statically Keyed Authenticators. In: Jakobsson, M., Yung, M., Zhou, J. (eds.) ACNS 2004. LNCS, vol. 3089, pp. 248–262. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  3. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Google Scholar 

  4. Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key-exchange protocols. In: 30th STOC, pp. 419–428 (1998)

    Google Scholar 

  5. Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography, ch. 12. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  6. Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Info. Theory IT-22, 644–654 (November 1976)

    Google Scholar 

  7. Diffie, W., van Oorschot, P., Wiener, M.: Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2, 107–125 (1992)

    Article  MATH  Google Scholar 

  8. Krawczyk, H.: SKEME: A Versatile Secure Key Exchange Mechanism for Internet. In: Proceeding of the 1996 Internet Society Symposium on Network and Distributed System Security, February, pp. 114–127 (1996)

    Google Scholar 

  9. Krawczyk, H.: SKEME: A Versatile Secure Key Exchange Mechanism for Internet. In: Proceeding of the 1996 Internet Society Symposium on Network and Distributed System Security, pp. 114–127 (1996)

    Google Scholar 

  10. Shoup, V.: On Formal Models for Secure Key Exchange, Theory of Cryptography Library (1999), http://philby.ucsd.edu/cryptolib/1999/99-12.html

  11. Blake-Wilson, S., Johnson, D., Menezes, A.: Key Agreement Protocols and Their Security Analysis. In: Proceedings of the sixth IMA international Conference on Cryptography and Coding (1997)

    Google Scholar 

  12. Law, L., Menezes, A., Qu, M., et al.: An Efficient Protocol for Authenticated Key Agreement. Tech. Rep. CORR 98-05, Department of C&O, University of Waterloo

    Google Scholar 

  13. Shim, K.: Cryptanalysis of Al-Riyami-Paterson’s Authenticated Three Party Key Agreement Protocols, Cryptology ePrint Archive, Report 2003/122 (2003), http://eprint.iacr.org/2003/122

  14. Canetti, R., Krawczyk, H.: Security Analysis of IKE’s Signature-based Key-Exchange Protocol. In: Proc. of the Crypto conference (2002)

    Google Scholar 

  15. Horn, G., Martin, K.M., Mitchell, C.J.: Authentication Protocols for Mobile Network Environment Value-Added Services. IEEE Transaction on Vehicular Technology 51, 383–392 (2002)

    Article  Google Scholar 

  16. Mitchell, C.J., Ward, M., Wilson, P.: Key control in key agreement protocols. Electronics Letters 34, 980–981 (1998)

    Article  Google Scholar 

  17. Tin, Y.S.T., Boyd, C., Nieto, J.G.: Provably Secure Key Exchange: An Engineering Approach. In: Australasian Information Security Workshop 2003 (AISW 2003), pp. 97–104 (2003)

    Google Scholar 

  18. Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  19. Burrows, M., Abadi, M., Needham, R.M.: A logic of Authentication. ACM Transactions on Computer Systems 8(1), 122–133 (1990)

    Article  Google Scholar 

  20. Meadows, C.: Formal verification of cryptographic protocols: A survey. In: Kim, K.-c., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 135–150. Springer, Heidelberg (1996)

    Google Scholar 

  21. Xinghua, L., Jianfeng, M., Moon, S.J.: Security Extension for the Canetti-Krawczyk Model in Identity-based Systems. Science in China 34 (2004)

    Google Scholar 

  22. Bresson, E., Chevassut, O., Pointcheval, D.: New Security Results on Encrypted Key Exchange. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 145–158. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  23. Aiello, W., Bellovin, S.M., Blaze, M.: Efficient, DoS-Resistant, Secure Key Exchange for Internet Protocols. In: Proceedings of the 9th ACM conference on Computer and communications security, pp. 45–58 (2002)

    Google Scholar 

  24. Bellare, M., Rogaway, P.: Provably Secure Session Key Distribution: The Three Party Case. In: The 27th ACM Symposium on the Theory of Computing – STOC, pp. 57–66. ACM Press, New York (1995)

    Google Scholar 

  25. Choo, K.K.R., Hitchcock, Y.: Security requirement for key establishment proof models: revisiting bellare-rogaway and Jeong-Katz-Lee Protocols. In: Proceedings of the 10th Australasian conference on information security and privacy-ACISP (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Key Laboratory of Computer Networks and Information Security(Ministry of Education) Xidian University, Xi’an, 710071, China

    Xinghua Li & Jianfeng Ma

  2. School of Computing and Automatization, Tianjin Polytechnic University, Tianjin, 300160, China

    Jianfeng Ma

  3. Mobile Network Security Technology Research Center, Kyungpook National University, Sankyuk-dong, Buk-ku, Daegu, 702-701, Korea

    SangJae Moon

Authors
  1. Xinghua Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jianfeng Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. SangJae Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microelectronic Instiute, Xidian University, 710071, Xi’an, China

    Yue Hao

  2. Department of Computer Science, Hong Kong Baptist University, Kowloon Tong, Hong Kong

    Jiming Liu

  3. School of Computer Science and Technology, Xidian University, Xi’an, China

    Yu-Ping Wang

  4. Department of Computer Science, Hong Kong Baptist University, Hong Kong,  

    Yiu-ming Cheung

  5. School of Electrical and Electronic Engineering, University of Manchester, UK

    Hujun Yin

  6. Life Science Research Center, School of Electronic Engineering, Xidian University, 710071, Xi’an, Shaanxi, China

    Licheng Jiao

  7. Key Laboratory of Computer Networks and Information Security(Ministry of Education), Xidian University, 710071, Xi’an, China

    Jianfeng Ma

  8. National Laboratory of Antennas and Microwave Technology, Xidian University, 710071, Xi’an, Shanxi, P.R. China

    Yong-Chang Jiao

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Li, X., Ma, J., Moon, S. (2005). On the Security of the Canetti-Krawczyk Model. In: Hao, Y., et al. Computational Intelligence and Security. CIS 2005. Lecture Notes in Computer Science(), vol 3802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596981_53

Download citation

  • DOI: https://doi.org/10.1007/11596981_53

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30819-5

  • Online ISBN: 978-3-540-31598-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation