Forward Secrecy for SPAKE2

Lopez Becerra, José Miguel; Ostrev, Dimiter; Skrobot, Marjan

Reference : Forward Secrecy for SPAKE2


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/37390

Title :	Forward Secrecy for SPAKE2
Language :	English
Author, co-author :	Lopez Becerra, José Miguel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Ostrev, Dimiter [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Skrobot, Marjan []
Publication date :	25-Oct-2018
Main document title :	Provable Security
Editor :	Baek, Joonsang
	Willy, Susilo
Publisher :	Springer International Publishing
Pages :	366-384
Peer reviewed :	Yes
Audience :	International
ISBN :	978-3-030-01446-9
Event name :	The 12th International Conference on Provable Security
Event date :	25-10-2018 to 28-10-2018
Event place (city) :	Jeju
Event country :	Korea
Keywords :	[en] Provable Security ; Password-Authenticated Key Exchange ; Forward Secrecy
Abstract :	[en] Currently, the Simple Password-Based Encrypted Key Exchange (SPAKE2) protocol of Abdalla and Pointcheval (CT-RSA 2005) is being considered by the IETF for standardization and integration in TLS 1.3. Although it has been proven secure in the Find-then-Guess model of Bellare, Pointcheval and Rogaway (EUROCRYPT 2000), whether it satisfies some notion of forward secrecy remains an open question. In this work, we prove that the SPAKE2 protocol satisfies the so-called weak forward secrecy introduced by Krawczyk (CRYPTO 2005). Furthermore, we demonstrate that the incorporation of key-confirmation codes in SPAKE2 results in a protocol that provably satisfies the stronger notion of perfect forward secrecy. As forward secrecy is an explicit requirement for cipher suites supported in the TLS handshake, we believe this work could fill the gap in the literature and facilitate the adoption of SPAKE2 in the recently approved TLS 1.3.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Funders :	Fonds National de la Recherche - FnR
Target :	Researchers ; Professionals ; Students
Permalink :	http://hdl.handle.net/10993/37390
FnR project :	FnR ; FNR8293135 > Peter Y. A. Ryan > AToMS > A Theory of Matching Sessions > 01/05/2015 > 30/04/2018 > 2014

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	CRprovsec.pdf		Author postprint	396.15 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices