Abstract:
This paper studies the security of authenticated key establishment protocols against an adversary who has the capability to force the participants to use ephemeral public values. The paper substantiates the relevance of considering this capability, describes, in particular, attacks on the SIGMA, SIGMA-R, STS-MAC and Echinacea-3 protocols and on the post-quantum BKM-KK protocol, and discusses the protocol design features that make it possible to protect against attacks of this type.