Burton S. Kaliski Jr.
Citation: An unknown key-share attack on the
MQV key agreement protocol. ACM Transactions on Information and System
Security, vol. 4, no. 3, August 2001, pages 275-288.
Preliminary version presented at RSA
Conference 2000 Europe, Munich, Germany, April 10-13, 2000.
Abstract: The MQV key agreement protocol, a technique included
in recent standards, is shown in its basic form to be vulnerable to an
unknown key-share attack. Although the attack’s practical impact
on security is minimal — a key confirmation step easily prevents
it — the attack is noteworthy in the principles it indicates about
protocol design. First, minor “efficiency improvements” can
significantly alter the security properties of a protocol. Second, protocol
analysis must consider potential interactions with all parties, not just
those that are normally on-line. Finally, attacks must be assessed in
terms of system requirements, not just in isolation.