Entity Authentication and Key Distribution


Author: Mihir Bellare and Phillip Rogaway

Reference: Advances in Cryptology - CRYPTO 93, Lecture Notes in Computer Science Vol. 773, D. Stinson, ed., Springer-Verlag, 1994.

Abstract: Entity authentication and authenticated key exchange are central problems in secure distributed computing but, up until now, they have lacked satisfactory definitions and proven-correct solutions. One consequence is that unsound or unanalyzable protocols continue to proliferate. This paper provides the first treatment of entity authentication and authenticated key exchange in the complexity-theoretic framework of modern cryptography. Addressed in detail are problems of the two-party setting: mutual authentication and mutual authentication with the concomitant exchange of a session key. We treat both the shared-key and public-key versions of these problems. For each we present a definition, protocol, and proof that the protocol achieves the definition, assuming a minimal complexity-theoretic assumption. When this assumption is appropriately instantiated, the protocols given are practical and efficient.


Full version available in PostScript or gzipped PostScript or pdf .


Rogaway's home page.