Geodesic
Considering two MAC under SIG variants of the basic SIGMA protocol
Matematičeskie voprosy kriptografii, Tome 10 (2019) no. 2, pp. 145-158 
Trieu Quang Phong. Considering two MAC under SIG variants of the basic SIGMA protocol. Matematičeskie voprosy kriptografii, Tome 10 (2019) no. 2, pp. 145-158. http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/
@article{MVK_2019_10_2_a12,
     author = {Trieu Quang Phong},
     title = {Considering two {MAC} under {SIG} variants of the basic {SIGMA} protocol},
     journal = {Matemati\v{c}eskie voprosy kriptografii},
     pages = {145--158},
     year = {2019},
     volume = {10},
     number = {2},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/}
}
TY  - JOUR
AU  - Trieu Quang Phong
TI  - Considering two MAC under SIG variants of the basic SIGMA protocol
JO  - Matematičeskie voprosy kriptografii
PY  - 2019
SP  - 145
EP  - 158
VL  - 10
IS  - 2
UR  - http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/
LA  - en
ID  - MVK_2019_10_2_a12
ER  - 
%0 Journal Article
%A Trieu Quang Phong
%T Considering two MAC under SIG variants of the basic SIGMA protocol
%J Matematičeskie voprosy kriptografii
%D 2019
%P 145-158
%V 10
%N 2
%U http://geodesic.mathdoc.fr/item/MVK_2019_10_2_a12/
%G en
%F MVK_2019_10_2_a12

Voir la notice de l'article provenant de la source Math-Net.Ru

In this paper we consider two variants of the basic SIGMA protocol in which the MAC tag is not sent separately but rather it is computed under the signature operation. As a consequence, both these variants are secure in the Canetti–Krawczyk “post-specified peer” model.

[1] D. Harkins, D. Carreal, The Internet key-exchange (IKE), Tech. Rep. 2409, IETF (The Internet Engineering Task Force), New York, NY, USA

[2] R. Canetti, H. Krawczyk, “Analysis of key exchange protocols and their use for building secure channels”, Lect. Notes Comput. Sci., 2045, 2001, 453–474 | DOI | MR | Zbl

[3] R. Canetti, H. Krawczyk, “Security analysis of IKE's signature-based key-exchange protocol”, CRYPTO 2002, Lect. Notes Comput. Sci., 2442, 2002, 143–161 | DOI | MR | Zbl

[4] H. Krawczyk, “SIGMA: The 'SIGn-and-MAc'approach to authenticated Diffie-Hellman and its use in the IKE protocols”, Lect. Notes Comput. Sci., 2729 (2003), 400–425 | DOI | MR | Zbl

[5] A. Menezes, B. Ustaoglu, “Comparing the pre- and post-specified peer models for key agreement”, Lect. Notes Comput. Sci., 5107, 2008, 53–68 | DOI | MR | Zbl

[6] Z. Yang, “Efficient eCK-Secure Authenticated Key Exchange Protocols in the Standard Model”, Lect. Notes Comput. Sci., 8233, 2013, 185–193 | DOI | MR | Zbl

[7] A. C. C. Yao, Y. Zhao, “Privacy-preserving authenticated key-exchange over Internet”, IEEE Trans. Inf. Forensics and Security, 9:1 (2014), 125–140 | DOI

[8] C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, T. Kivinen, Internet key exchange protocol version 2 (IKEv2), RFC 7296, 2014

[9] H. Krawczyk, H. Wee, “"The OPTLS protocol and TLS 1.3”, 2016 IEEE Eur. Symp. Security and Privacy, 2016, 81–96 | DOI