Two-Message Authenticated Key Exchange from Public-Key Encryption

Abstract

In two-message authenticated key exchange (AKE), it is necessary for the initiator to keep a round state after sending the first round-message, because he/she has to derive his/her session key after receiving the second round-message. Up to now almost all two-message AKEs constructed from public-key encryption (PKE) only achieve weak security which does not allow the adversary obtaining the round state. How to support state reveal to obtain a better security called IND-AA security has been an open problem proposed by Hövelmann et al. (PKC 2020).

In this paper, we solve the open problem with a generic construction of two-message AKE from any CCA-secure Tagged Key Encapsulation Mechanism (TKEM). Our AKE supports state reveal and achieves IND-AA security. Given the fact that CCA-secure public-key encryption (PKE) implies CCA-secure TKEM, our AKE can be constructed from any CCA-secure PKE with proper message space. The abundant choices for CCA-secure PKE schemes lead to many IND-AA secure AKE schemes in the standard model. Moreover, following the online-extractability technique in recent work by Don et al. (Eurocrypt 2022), we can extend the Fujisaki-Okamoto transformation to transform any CPA-secure PKE into a CCA-secure Tagged KEM in QROM. Therefore, we obtain the first generic construction of IND-AA secure two-message AKE from CPA-secure PKE in QROM. This construction does not need any signature scheme, and this result is especially helpful in the post-quantum world, since the current quantum-secure PKE schemes are much more efficient than their signature counterparts.

Appendices

Appendix

A PRG, PRF, One-Wayness and TCR of Hash Function

Definition 11

(PRG). Pseudo-Random Generator (PRG) is a polynomially computable deterministic function \(\textsf{PRG}: \mathcal {K}\rightarrow \mathcal {K}'\), where \(\mathcal {K}\) is seed space and \(\mathcal {K}'\) is output space with \(|\mathcal {K}| < |\mathcal {K}'|\). The pseudo-randomness of \(\textsf{PRG}\) requires \(\textsf{Adv}_{\textsf{PRG}}^{\textsf{ps}}(\mathcal {A})=\textsf{negl}(\lambda )\) for all PPT \(\mathcal {A}\), where

Definition 12

(PRF). Pseudo-Random Function (PRF) is a polynomially computable deterministic function \(\textsf{PRF}: \mathcal {K}\times \mathcal {X}\rightarrow \mathcal {Y}\), with key space \(\mathcal {K}\), input space \(\mathcal {K}\) and output space \(\mathcal {Y}\). the advantage function of an adversary \(\mathcal {A}\) is defined by

where \(\mathcal {O}_{\textsf{PRF}}(x)\) returns \(\textsf{PRF}(k,x)\) and \(x^*\) is never queried to \(\mathcal {O}_{\textsf{PRF}}(\cdot )\). The pseudo-randomness of \(\textsf{PRF}\) requires \(\textsf{Adv}_{\textsf{PRF}}^{\textsf{ps}}(\mathcal {A}) = \textsf{negl}(\lambda )\) for all PPT \(\mathcal {A}\).

Definition 13

(One-Wayness of Hash). A hash family \(\mathcal {H}=\{\textsf{H}:\{0,1\}^n\rightarrow \{0,1\}^{\ell (n)}\}\) has One-Wayness if the advantage functions of an adversary \(\mathcal {A}\) defined by \(\textsf{Adv}_{\textsf{H}}^{\textsf{owf}}(\mathcal {A}):= \Pr \left[ \textsf{Exp}_{\textsf{H}}^{\textsf{owf}}\Rightarrow 1 \right] \) is negligible for all PPT \(\mathcal {A}\), where the experiments \(\textsf{Exp}_{\textsf{H}}^{\textsf{owf}}\) are defined in Fig. 7 (left).

Definition 14

(TCR of Hash). A hash family \(\mathcal {H}=\{\textsf{H}:\{0,1\}^n\rightarrow \{0,1\}^{\ell (n)}\}\) is Target Collision Resistant (TCR), if the advantage function of adversary \(\mathcal {A}\) defined by \(\textsf{Adv}_{\textsf{H}}^{\textsf{tcr}}(\mathcal {A}):= \Pr \left[ \textsf{Exp}_{\textsf{H}}^{\textsf{tcr}}\Rightarrow 1 \right] \) is negligible for all PPT \(\mathcal {A}\), where the experiments \(\textsf{Exp}_{\textsf{H}}^{\textsf{tcr}}\) are defined in Fig. 7 (right).

When \(n-\ell (n)\ge \lambda \), TCR property of \(\mathcal {H}\) implies one-wayness.

Fig. 7.

\(\textsf{Exp}_{\textsf{H}}^{\textsf{owf}}\) (left) and \(\textsf{Exp}_{\textsf{H}}^{\textsf{tcr}}\) (right) for \(\mathcal {H}\).

B The Final AKE in QROM

• \(G: \mathcal {K}\times \mathcal {T}\rightarrow \mathcal {R}\), which is used to generate randomness in \(\textsf{PKE}\).

• \(\textsf{H}: \mathcal {K}\rightarrow \varSigma \), which is used as a target collision resistant hash function. Here \(\mathcal {K}= \varSigma \times \varSigma \),

• \(H_1: \mathcal {K}\times \mathcal {T}\rightarrow \mathcal {K}\), which is used to generate encapsulation key.

• \(H_2: \mathcal {K}\times \{0,1\} \rightarrow \mathcal {K}\), which is used as a pseudo-random generator.

• \(H: \{0,1\}^* \rightarrow \mathcal {K}\), which is used to generate session key.

Fig. 8.

Generic construction of AKE from CPA-secure PKE in QROM.

C The Security Experiment \(\textsf{Exp}_{\textsf{AKE},\mu ,\ell ,\mathcal {A}}^{\textsf{IND}\text {-}\textsf{AA}\text {-}{b}}\)

The security experiment \(\textsf{Exp}_{\textsf{AKE},\mu ,\ell ,\mathcal {A}}^{\textsf{IND}\text {-}\textsf{AA}\text {-}{b}}\) is shown in Fig. 9.

Fig. 9.

The security experiments \(\textsf{Exp}_{\textsf{AKE},\mu ,\ell ,\mathcal {A}}^{\textsf{IND}\text {-}\textsf{AA}\text {-}{b}}\) where \(b \in \{0,1\}\), where \(\mathcal {O}_{\textsf{AKE}}:=\{ \textsf{EST},\textsf{INIT},\mathsf {DER_{resp}},\mathsf {DER_{init}},\textsf{REVEAL},\mathsf {REV\text {-}STATE},\textsf{CORRUPT},\textsf{TEST}\}.\)