Continuous key agreement with reduced bandwidth

Nir Drucker; Shay Gueron

doi:10.1007/978-3-030-20951-3_3

Continuous key agreement with reduced bandwidth

Nir Drucker, Shay Gueron

Department of Mathematics

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Continuous Key Agreement (CKA) is a two-party procedure used by Double Ratchet protocols (e.Â g., Signal). This is a continuous and synchronous protocol that generates a fresh key for every sent/received message. It guarantees forward secrecy and post-compromise security. Alwen etÂ al. have recently proposed a new KEM-based CKA construction where every message contains a ciphertext and a fresh public key. This can be made quantum-safe by deploying a quantum-safe KEM. They mention that the bandwidth can be reduced when using an ElGamal KEM (which is not quantum-safe). In this paper, we generalized their approach by defining a new primitive, namely Merged KEM (MKEM). This primitive merges the key generation and the encapsulation steps of a KEM. This is not possible for every KEM and we discuss cases where a KEM can be converted to an MKEM. One example is the quantum-safe proposal BIKE1, where the BIKE-MKEM saves 50% of the communication bandwidth, compared to the original construction. In addition, we offer the notion and two constructions for hybrid CKA.

Original language	English
Title of host publication	Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings
Editors	Shlomi Dolev, Danny Hendler, Sachin Lodha, Moti Yung
Publisher	Springer Verlag
Pages	33-46
Number of pages	14
ISBN (Print)	9783030209506
DOIs	https://doi.org/10.1007/978-3-030-20951-3_3
State	Published - 2019
Event	3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019 - Beer Sheva, Israel Duration: 27 Jun 2019 → 28 Jun 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11527 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019
Country/Territory	Israel
City	Beer Sheva
Period	27/06/19 → 28/06/19

Bibliographical note

Publisher Copyright:
© Springer Nature Switzerland AG 2019.

Keywords

BIKE
Code-based cryptography
Continuous Key Agreement
Double Ratchet protocol
Post Quantum Cryptography

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-20951-3_3

Cite this

Drucker, N., & Gueron, S. (2019). Continuous key agreement with reduced bandwidth. In S. Dolev, D. Hendler, S. Lodha, & M. Yung (Eds.), Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings (pp. 33-46). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11527 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-20951-3_3

Drucker, Nir ; Gueron, Shay. / Continuous key agreement with reduced bandwidth. Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. editor / Shlomi Dolev ; Danny Hendler ; Sachin Lodha ; Moti Yung. Springer Verlag, 2019. pp. 33-46 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{dbd15769c00d4ff58ece26f6352bc3cc,

title = "Continuous key agreement with reduced bandwidth",

abstract = "Continuous Key Agreement (CKA) is a two-party procedure used by Double Ratchet protocols (e.{\^A} g., Signal). This is a continuous and synchronous protocol that generates a fresh key for every sent/received message. It guarantees forward secrecy and post-compromise security. Alwen et{\^A} al. have recently proposed a new KEM-based CKA construction where every message contains a ciphertext and a fresh public key. This can be made quantum-safe by deploying a quantum-safe KEM. They mention that the bandwidth can be reduced when using an ElGamal KEM (which is not quantum-safe). In this paper, we generalized their approach by defining a new primitive, namely Merged KEM (MKEM). This primitive merges the key generation and the encapsulation steps of a KEM. This is not possible for every KEM and we discuss cases where a KEM can be converted to an MKEM. One example is the quantum-safe proposal BIKE1, where the BIKE-MKEM saves 50% of the communication bandwidth, compared to the original construction. In addition, we offer the notion and two constructions for hybrid CKA.",

keywords = "BIKE, Code-based cryptography, Continuous Key Agreement, Double Ratchet protocol, Post Quantum Cryptography",

author = "Nir Drucker and Shay Gueron",

note = "Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2019.; 3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019 ; Conference date: 27-06-2019 Through 28-06-2019",

year = "2019",

doi = "10.1007/978-3-030-20951-3_3",

language = "English",

isbn = "9783030209506",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "33--46",

editor = "Shlomi Dolev and Danny Hendler and Sachin Lodha and Moti Yung",

booktitle = "Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings",

address = "Germany",

}

Drucker, N & Gueron, S 2019, Continuous key agreement with reduced bandwidth. in S Dolev, D Hendler, S Lodha & M Yung (eds), Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11527 LNCS, Springer Verlag, pp. 33-46, 3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019, Beer Sheva, Israel, 27/06/19. https://doi.org/10.1007/978-3-030-20951-3_3

Continuous key agreement with reduced bandwidth. / Drucker, Nir; Gueron, Shay.
Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. ed. / Shlomi Dolev; Danny Hendler; Sachin Lodha; Moti Yung. Springer Verlag, 2019. p. 33-46 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11527 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Continuous key agreement with reduced bandwidth

AU - Drucker, Nir

AU - Gueron, Shay

N1 - Publisher Copyright: © Springer Nature Switzerland AG 2019.

PY - 2019

Y1 - 2019

N2 - Continuous Key Agreement (CKA) is a two-party procedure used by Double Ratchet protocols (e.Â g., Signal). This is a continuous and synchronous protocol that generates a fresh key for every sent/received message. It guarantees forward secrecy and post-compromise security. Alwen etÂ al. have recently proposed a new KEM-based CKA construction where every message contains a ciphertext and a fresh public key. This can be made quantum-safe by deploying a quantum-safe KEM. They mention that the bandwidth can be reduced when using an ElGamal KEM (which is not quantum-safe). In this paper, we generalized their approach by defining a new primitive, namely Merged KEM (MKEM). This primitive merges the key generation and the encapsulation steps of a KEM. This is not possible for every KEM and we discuss cases where a KEM can be converted to an MKEM. One example is the quantum-safe proposal BIKE1, where the BIKE-MKEM saves 50% of the communication bandwidth, compared to the original construction. In addition, we offer the notion and two constructions for hybrid CKA.

AB - Continuous Key Agreement (CKA) is a two-party procedure used by Double Ratchet protocols (e.Â g., Signal). This is a continuous and synchronous protocol that generates a fresh key for every sent/received message. It guarantees forward secrecy and post-compromise security. Alwen etÂ al. have recently proposed a new KEM-based CKA construction where every message contains a ciphertext and a fresh public key. This can be made quantum-safe by deploying a quantum-safe KEM. They mention that the bandwidth can be reduced when using an ElGamal KEM (which is not quantum-safe). In this paper, we generalized their approach by defining a new primitive, namely Merged KEM (MKEM). This primitive merges the key generation and the encapsulation steps of a KEM. This is not possible for every KEM and we discuss cases where a KEM can be converted to an MKEM. One example is the quantum-safe proposal BIKE1, where the BIKE-MKEM saves 50% of the communication bandwidth, compared to the original construction. In addition, we offer the notion and two constructions for hybrid CKA.

KW - BIKE

KW - Code-based cryptography

KW - Continuous Key Agreement

KW - Double Ratchet protocol

KW - Post Quantum Cryptography

UR - http://www.scopus.com/inward/record.url?scp=85068221993&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-20951-3_3

DO - 10.1007/978-3-030-20951-3_3

M3 - Conference contribution

AN - SCOPUS:85068221993

SN - 9783030209506

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 33

EP - 46

BT - Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings

A2 - Dolev, Shlomi

A2 - Hendler, Danny

A2 - Lodha, Sachin

A2 - Yung, Moti

PB - Springer Verlag

T2 - 3rd International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2019

Y2 - 27 June 2019 through 28 June 2019

ER -

Drucker N, Gueron S. Continuous key agreement with reduced bandwidth. In Dolev S, Hendler D, Lodha S, Yung M, editors, Cyber Security Cryptography and Machine Learning - 3rd International Symposium, CSCML 2019, Proceedings. Springer Verlag. 2019. p. 33-46. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-20951-3_3

Continuous key agreement with reduced bandwidth

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this