Practical Certificate-Less Infrastructure with Application in TLS-Reference-Cited by-同舟云学术

Practical Certificate-Less Infrastructure with Application in TLS

Published:2023-12-14 Issue:4 Volume:7 Page:63
ISSN:2410-387X
Container-title:Cryptography
language:en
Short-container-title:Cryptography

Author:

Duan Li¹²^ORCID,Li Yong¹,Liao Lijun¹

Affiliation:

1. Huawei Technologies Düsseldorf, 8600 Düsseldorf, Germany

2. Department of Computer Science, Paderborn University, 33098 Paderborn, Germany

Abstract

We propose highly efficient certificate-less (CL) protocols for the infrastructure used by authenticated key exchange (AKE). The construction is based on elliptic curves (EC) without pairing, which means it can be easily supported by most industrial cryptography libraries on constrained devices. Compared with other pairing-free CL solutions, the new CL-AKE protocol enjoys the least number of scalar multiplications over EC groups. We use a unified game-based model to formalize the security of each protocol, while most previous works only assess the security against a list of attacks, provide informal theorems without proper modeling, or use separate models for protocols in different stages. We also present an efficient integration of the core protocols into the TLS cipher suites and a stand-alone implementation for constrained devices. The performance is evaluated on constrained devices in real-world settings, which further confirms the efficiency of our proposal.

Publisher

MDPI AG

Subject

Applied Mathematics,Computational Theory and Mathematics,Computer Networks and Communications,Computer Science Applications,Software

Link

https://www.mdpi.com/2410-387X/7/4/63/pdf

Reference40 articles.

1. Rescorla, E., and Internet Engineering Task Force (2023, December 08). The Transport Layer Security (TLS) Protocol Version 1.3. Available online: https://tools.ietf.org/html/draft-ietf-tls-tls13-26.

2. Bellare, M., and Rogaway, P. (1994, January 22–26). Entity Authentication and Key Distribution. Proceedings of the CRYPTO’93, Santa Barbara, CA, USA.

3. Susilo, W., Liu, J.K., and Mu, Y. (2007, January 1–2). Stronger Security of Authenticated Key Exchange. Proceedings of the ProvSec 2007, Wollongong, Australia.

4. Canetti, R. (2023, December 08). Universally Composable Security: A New Paradigm for Cryptographic Protocols. Cryptology ePrint Archive, Report 2000/067. Available online: https://ia.cr/2000/067.

5. Safavi-Naini, R., and Canetti, R. (2012, January 19–23). On the Security of TLS-DHE in the Standard Model. Proceedings of the CRYPTO 2012, Santa Barbara, CA, USA.