Yvonne Hitchcock

Learn More
We examine various indistinguishability-based proof models for key establishment protocols, namely the Bellare & Rogaway (1993, 1995), the Bellare, Pointcheval, & Rogaway (2000), and the Canetti & Krawczyk (2001) proof models. We then consider several variants of these proof models, identify several subtle differences between these variants and models, and(More)
Proofs are invaluable tools in assuring protocol implementers about the security properties of protocols. However, several instances of undetected flaws in the proofs of protocols (resulting in flawed protocols) undermine the credibility of provably-secure protocols. In this work, we examine several protocols with claimed proofs of security by Boyd &(More)
We examine the role of session identifiers (SIDs) in security proofs for key establishment protocols. After reviewing the practical importance of SIDs we use as a case study the three-party server-based key distribution (3PKD) protocol of Bellare and Rogaway, proven secure in 1995. We show incidentally that the partnership function used in the existing(More)
Elliptic curve cryptosystems (eccs) are becoming more popular because of the reduced number of key bits required in comparison to other cryptosystems (for example, a 160 bit ecc has roughly the same security as 1024 bit rsa). Eccs are especially suited to smart cards because of the limited memory and computational power available on these devices.(More)
We examine the role of session key construction in provablysecure key establishment protocols. We revisit an ID-based key establishment protocol due to Chen & Kudla (2003) and an ID-based protocol 2P-IDAKA due to McCullagh & Barreto (2005). Both protocols carry proofs of security in a weaker variant of the Bellare & Rogaway (1993) model where the adversary(More)
A definition of secure multi-party key exchange in the Canetti-Krawczyk proof model is proposed, followed by a proof of the security of the Joux tripartite key agreement protocol according to that definition. The Joux protocol is then combined with two authentication mechanisms to produce a variety of provably secure key agreement protocols. The properties(More)
This paper examines the cryptographic security of fixed versus random elliptic curves over GF(p). It assumes a precomputation for use in breaking the elliptic curve discrete logarithm problem (ecdlp) can be made for fixed curves. A lower bound for the efficiency of a variation of Pollard’s rho method for solving multiple ecdlps is presented, as well as an(More)
We observe that the definitions of security in the computational complexity proof models of Bellare & Rogaway (1993) and Canetti & Krawczyk (2001) require two partners in the presence of a malicious adversary to accept the same session key, which we term a key sharing requirement. We then revisit the Bellare–Rogaway three-party key distribution (3PKD)(More)