Computationally Secure Two-Round Authenticated Message Exchange

We study two-round authenticated message exchange protocols consisting of a single request and a single response, with the realistic assumption that the responder is long-lived and has bounded memory. We first argue that such protocols necessarily need elements such as timestamps to be secure. We then present such a protocol and prove that it is correct and computationally secure. In our model, the adversary provides the initiator and the responder with the payload of their messages, which means our protocol can be used to implement securely any service based on authenticated message exchange. We even allow the adversary to to read and reset the memory of the principals and to use, with very few restrictions, the private keys of the principals for signing the payloads or parts thereof. We use timestamps to secure our protocol, but only assume that each principal has access to a local clock

A quantum key distribution protocol for rapid denial of service detection

We introduce a quantum key distribution protocol designed to expose fake users that connect to Alice or Bob for the purpose of monopolising the link and denying service. It inherently resists attempts to exhaust Alice and Bob's initial shared secret, and is 100% efficient, regardless of the number of qubits exchanged above the finite key limit. Additionally, secure key can be generated from two-photon pulses, without having to make any extra modifications. This is made possible by relaxing the security of BB84 to that of the quantum-safe block cipher used for day-to-day encryption, meaning the overall security remains unaffected for useful real-world cryptosystems such as AES-GCM being keyed with quantum devices.Comment: 13 pages, 3 figures. v2: Shifted focus of paper towards DoS and added protocol 4. v1: Accepted to QCrypt 201