dc.contributor.author Cohn-Gordon, Katriel dc.contributor.author Cremers, Cas dc.contributor.author Gjøsteen, Kristian dc.contributor.author Jacobsen, Håkon dc.contributor.author Jager, Tibor dc.date.accessioned 2020-01-24T10:03:53Z dc.date.available 2020-01-24T10:03:53Z dc.date.created 2019-09-30T11:03:39Z dc.date.issued 2019 dc.identifier.citation Lecture Notes in Computer Science (LNCS). 2019, 11694 LNCS 767-797. nb_NO dc.identifier.issn 0302-9743 dc.identifier.uri http://hdl.handle.net/11250/2637773 dc.description.abstract In this paper we give nearly tight reductions for modern implicitly authenticated Diffie-Hellman protocols in the style of the Signal and Noise protocols, which are extremely simple and efficient. Unlike previous approaches, the combination of nearly tight proofs and efficient protocols enables the first real-world instantiations for which the parameters can be chosen in a theoretically sound manner, i.e., according to the bounds of the reductions. Specifically, our reductions have a security loss which is only linear in the number of users µ and constant in the number of sessions per user . This is much better than most other key exchange proofs which are typically quadratic in the product µ. Combined with the simplicity of our protocols, this implies that our protocols are more efficient than the state of the art when soundly instantiated. We also prove that our security proofs are optimal: a linear loss in the number of users is unavoidable for our protocols for a large and natural class of reductions. nb_NO dc.language.iso eng nb_NO dc.publisher Springer Verlag nb_NO dc.title Highly Efficient Key Exchange Protocols with Optimal Tightness nb_NO dc.type Journal article nb_NO dc.type Peer reviewed nb_NO dc.description.version acceptedVersion nb_NO dc.source.pagenumber 767-797 nb_NO dc.source.volume 11694 LNCS nb_NO dc.source.journal Lecture Notes in Computer Science (LNCS) nb_NO dc.identifier.doi 10.1007/978-3-030-26954-8_25 dc.identifier.cristin 1731189 dc.description.localcode This is a post-peer-review, pre-copyedit version of an article. Locked until 1.8.2020 due to copyright restrictions. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-030-26954-8_25 nb_NO cristin.unitcode 194,63,15,0 cristin.unitname Institutt for matematiske fag cristin.ispublished true cristin.fulltext postprint cristin.qualitycode 1
﻿