[en] Security models for PAKE protocols aim to capture the desired security properties that such protocols must satisfy when executed in the presence of an active adversary. They are usually classified into i) indistinguishability-based (IND-based) or ii) simulation-based (SIM-based). The relation between these two security notions is unclear and mentioned as a gap in the literature. In this work, we prove that the SIM-based model of Boyko, Mackenzie and Patel [EUROCRYPT00] and the IND-based model of Abdalla, Fouque and Pointcheval are equivalent, in the sense that a protocol proven secure in one model is also secure in the other model.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Applied Security and Information Assurance Group (APSIA)
Disciplines :
Computer science
Author, co-author :
Lopez Becerra, José Miguel ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Iovino, Vincenzo ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Skrobot, Marjan ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Language :
English
Title :
On the Relation Between SIM and IND-RoR Security Models for PAKEs
Publication date :
09 March 2017
Event name :
Grande Region Security and Reliability Day 2017
Event organizer :
University of Luxembourg
Event place :
Luxembourg Ville, Luxembourg
Event date :
09 - 03 -2017
Audience :
International
Focus Area :
Computational Sciences
FnR Project :
FNR8293135 - A Theory Of Matching Sessions, 2014 (01/05/2015-30/04/2018) - Peter Y. A. Ryan
Commentary :
This was a work in progress, presented at the Grande Region Security and Reliability Day 2017.