Geodesic
Considering two MAC under SIG variants of the basic SIGMA protocol
Matematičeskie voprosy kriptografii, Tome 10 (2019) no. 2, pp. 145-158 Cet article a éte moissonné depuis la source Math-Net.Ru

Voir la notice de l'article

In this paper we consider two variants of the basic SIGMA protocol in which the MAC tag is not sent separately but rather it is computed under the signature operation. As a consequence, both these variants are secure in the Canetti–Krawczyk “post-specified peer” model. 
@article{MVK_2019_10_2_a12,
     author = {Trieu Quang Phong},
     title = {Considering two {MAC} under {SIG} variants of the basic {SIGMA} protocol},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {145--158},
     year = {2019},
     volume = {10},
     number = {2},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/}
}
TY  - JOUR
AU  - Trieu Quang Phong
TI  - Considering two MAC under SIG variants of the basic SIGMA protocol
JO  - Matematičeskie voprosy kriptografii
PY  - 2019
SP  - 145
EP  - 158
VL  - 10
IS  - 2
UR  - http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/
LA  - en
ID  - MVK_2019_10_2_a12
ER  - 
%0 Journal Article
%A Trieu Quang Phong
%T Considering two MAC under SIG variants of the basic SIGMA protocol
%J Matematičeskie voprosy kriptografii
%D 2019
%P 145-158
%V 10
%N 2
%U http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/
%G en
%F MVK_2019_10_2_a12
Trieu Quang Phong. Considering two MAC under SIG variants of the basic SIGMA protocol. Matematičeskie voprosy kriptografii, Tome 10 (2019) no. 2, pp. 145-158. http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/

[1] D. Harkins, D. Carreal, The Internet key-exchange (IKE), Tech. Rep. 2409, IETF (The Internet Engineering Task Force), New York, NY, USA

[2] R. Canetti, H. Krawczyk, “Analysis of key exchange protocols and their use for building secure channels”, Lect. Notes Comput. Sci., 2045, 2001, 453–474 | DOI | MR | Zbl

[3] R. Canetti, H. Krawczyk, “Security analysis of IKE's signature-based key-exchange protocol”, CRYPTO 2002, Lect. Notes Comput. Sci., 2442, 2002, 143–161 | DOI | MR | Zbl

[4] H. Krawczyk, “SIGMA: The 'SIGn-and-MAc'approach to authenticated Diffie-Hellman and its use in the IKE protocols”, Lect. Notes Comput. Sci., 2729 (2003), 400–425 | DOI | MR | Zbl

[5] A. Menezes, B. Ustaoglu, “Comparing the pre- and post-specified peer models for key agreement”, Lect. Notes Comput. Sci., 5107, 2008, 53–68 | DOI | MR | Zbl

[6] Z. Yang, “Efficient eCK-Secure Authenticated Key Exchange Protocols in the Standard Model”, Lect. Notes Comput. Sci., 8233, 2013, 185–193 | DOI | MR | Zbl

[7] A. C. C. Yao, Y. Zhao, “Privacy-preserving authenticated key-exchange over Internet”, IEEE Trans. Inf. Forensics and Security, 9:1 (2014), 125–140 | DOI

[8] C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, T. Kivinen, Internet key exchange protocol version 2 (IKEv2), RFC 7296, 2014

[9] H. Krawczyk, H. Wee, “"The OPTLS protocol and TLS 1.3”, 2016 IEEE Eur. Symp. Security and Privacy, 2016, 81–96 | DOI