Visible to the public Identity-Concealed Authenticated Encryption and Key Exchange

TitleIdentity-Concealed Authenticated Encryption and Key Exchange
Publication TypeConference Paper
Year of Publication2016
AuthorsZhao, Yunlei
Conference NameProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
Date PublishedOctober 2016
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4139-4
KeywordsAsymmetric Encryption, authenticated encryption, composability, Key exchange, Metrics, pubcrawl, Resiliency, white box, white box cryptography

Identity concealment and zero-round trip time (0-RTT) connection are two of current research focuses in the design and analysis of secure transport protocols, like TLS1.3 and Google's QUIC, in the client-server setting. In this work, we introduce a new primitive for identity-concealed authenticated encryption in the public-key setting, referred to as higncryption, which can be viewed as a novel monolithic integration of public-key encryption, digital signature, and identity concealment. We then present the security definitional framework for higncryption, and a conceptually simple (yet carefully designed) protocol construction. As a new primitive, higncryption can have many applications. In this work, we focus on its applications to 0-RTT authentication, showing higncryption is well suitable to and compatible with QUIC and OPTLS, and on its applications to identity-concealed authenticated key exchange (CAKE) and unilateral CAKE (UCAKE). Of independent interest is a new concise security definitional framework for CAKE and UCAKE proposed in this work, which unifies the traditional BR and (post-ID) frameworks, enjoys composability, and ensures very strong security guarantee. Along the way, we make a systematically comparative study with related protocols and mechanisms including Zheng's signcryption, one-pass HMQV, QUIC, TLS1.3 and OPTLS, most of which are widely standardized or in use.

Citation Keyzhao_identity-concealed_2016