228,998 research outputs found
On Efficient Key Agreement Protocols
A class of efficient key agreement protocols proposed by Boyd is examined. An attack is demonstrated on a round-optimal example protocol of this class, and a simple countermeasure is suggested. The whole class is known to be vulnerable to an attack proposed by Bauer, Berson and Feiertag. A new class of key agreement protocols without this vulnerability but having the same advantages in efficiency is identified, and a number of concrete protocols are suggested
Key Agreement for Large-Scale Dynamic Peer Group
Many applications in distributed computing systems, such as IP telephony, teleconferencing, collaborative workspaces, interactive chats and multi-user games, involve dynamic peer groups. In order to secure communications in dynamic peer groups, group key agreement protocols are needed. In this paper, we come up with a new group key agreement protocol, composed of a basic protocol and a dynamic protocol, for large-scale dynamic peer groups. Our protocols are natural extensions of one round tripartite Diffie-Hellman key agreement protocol. In view of it, our protocols are believed to be more efficient than those group key agreement protocols built on two-party Diffie-Hellman key agreement protocol. In addition, our protocols have the properties of group key secrecy, forward and backward secrecy, and key independence.
Communication-efficient three-party protocols for authentication and key agreement
Encrypted key exchange (EKE) authentication approaches are very important for secure communication over public networks. In order to solve the security weaknesses of three-party EKE, Yeh et al. [H.T. Yeh, H.M. Sun, T. Hwang, Efficient three-party authentication and key agreement protocols resistant to password guessing attacks, Information Science and Engineering 19 (6) (2003) 1059–1070.] proposed two secure and efficient three-party EKE protocols. Based on the protocol developed by Yeh et al., two improved EKE protocols for authentication and key agreement are proposed in this study. The computational costs of the proposed protocols are the same as those of the protocols of Yeh et al. However, the numbers of messages in the communication are fewer than those of the protocols of Yeh et al. Furthermore, the round-efficient versions of our proposed protocols are also described.
Separating Key Agreement and Computational Differential Privacy
Two party differential privacy allows two parties who do not trust each
other, to come together and perform a joint analysis on their data whilst
maintaining individual-level privacy. We show that any efficient,
computationally differentially private protocol that has black-box access to
key agreement (and nothing stronger), is also an efficient,
information-theoretically differentially private protocol. In other words, the
existence of efficient key agreement protocols is insufficient for efficient,
computationally differentially private protocols. In doing so, we make progress
in answering an open question posed by Vadhan about the minimal computational
assumption needed for computational differential privacy.
Combined with the information-theoretic lower bound due to McGregor, Mironov,
Pitassi, Reingold, Talwar, and Vadhan in [FOCS'10], we show that there is no
fully black-box reduction from efficient, computationally differentially
private protocols for computing the Hamming distance (or equivalently inner
product over the integers) on bits, with additive error lower than
, to key agreement.
This complements the result by Haitner, Mazor, Silbak, and Tsfadia in
[STOC'22], which showed that computing the Hamming distance implies key
agreement. We conclude that key agreement is strictly weaker than
computational differential privacy for computing the inner product, thereby
answering their open question on whether key agreement is sufficient.
Secure Anonymous Conferencing in Quantum Networks
Users of quantum networks can securely communicate via so-called (quantum) conference key agreement—making their identities publicly known. In certain circumstances, however, communicating users demand anonymity. Here, we introduce a security framework for anonymous conference key agreement with different levels of anonymity, which is inspired by the ε-security of quantum key distribution. We present efficient and noise-tolerant protocols exploiting multipartite Greenberger-Horne-Zeilinger (GHZ) states and prove their security in the finite-key regime. We analyze the performance of our protocols in noisy and lossy quantum networks and compare with protocols that only use bipartite entanglement to achieve the same functionalities. Our simulations show that GHZ-based protocols can outperform protocols based on bipartite entanglement and that the advantage increases for protocols with stronger anonymity requirements. Our results strongly advocate the use of multipartite entanglement for cryptographic tasks involving several users
Unifying classical and quantum key distillation
Assume that two distant parties, Alice and Bob, as well as an adversary, Eve,
have access to (quantum) systems prepared jointly according to a tripartite
state. In addition, Alice and Bob can use local operations and authenticated
public classical communication. Their goal is to establish a key which is
unknown to Eve. We initiate the study of this scenario as a unification of two
standard scenarios: (i) key distillation (agreement) from classical
correlations and (ii) key distillation from pure tripartite quantum states.
Firstly, we obtain generalisations of fundamental results related to
scenarios (i) and (ii), including upper bounds on the key rate. Moreover, based
on an embedding of classical distributions into quantum states, we are able to
find new connections between protocols and quantities in the standard scenarios
(i) and (ii).
Secondly, we study specific properties of key distillation protocols. In
particular, we show that every protocol that makes use of pre-shared key can be
transformed into an equally efficient protocol which needs no pre-shared key.
This result is of practical significance as it applies to quantum key
distribution (QKD) protocols, but it also implies that the key rate cannot be
locked with information on Eve's side. Finally, we exhibit an arbitrarily large
separation between the key rate in the standard setting where Eve is equipped
with quantum memory and the key rate in a setting where Eve is only given
classical memory. This shows that assumptions on the nature of Eve's memory are
important in order to determine the correct security threshold in QKD.