DOI: 10.1007/978-3-031-49187-0_22
Article

On the Privacy-Preserving Infrastructure for Authenticated Key Exchange

Published: 01 December 2023

Abstract

Privacy-preserving authenticated key exchange (PPAKE) protocols aim to provide both session key indistinguishability and party identifier hiding. Parties in PPAKEs usually interact with a public key infrastructure (PKI) or similar services for authentication, in particular to validate certificates and other identity-binding tokens during the handshake. However, these essential validation messages, which current models do not capture, open attack surfaces for adversaries. In this paper, we propose a new refined infrastructure model (RI) for privacy in the infrastructure. As the cryptographic core, we also present a novel certificate validation protocol (CVP) that can be instantiated with anonymous Bloom filter key encapsulation mechanisms ( [inline-graphic not available: see fulltext]). The new CVP protects user identity during certificate validation and thus strengthens the privacy guarantee of PPAKE.


Published In

Information Security: 26th International Conference, ISC 2023, Groningen, The Netherlands, November 15–17, 2023, Proceedings
Nov 2023
598 pages
ISBN: 978-3-031-49186-3
DOI: 10.1007/978-3-031-49187-0

Publisher

Springer-Verlag, Berlin, Heidelberg

Author Tags

1. privacy
2. cryptographic protocols
3. public key infrastructure
4. formal model
5. privacy-preserving authenticated key exchange
