Abstract:
The Security Evaluated Standardized Password Authenticated Key Exchange (SESPAKE) protocol is standardized in Russia as R 50.1.115-2016. The current paper provides analysis of the protocol in relevant adversary models. We define new indistinguishability-based adversary model with a threat of false authentication that is an extension of the original indistinguishability-based model up to the case of protocols with authentication step without key diversification. We prove the protocol security in two adversary models with a classic threat of distinguishing a generated session key from a random string and with a threat of false authentication.
Keywords:models and methods in information security, cryptographic protocols.
Fulltext:
PDF file (997 kB)