[Resource Topic] 2005/265: Security Analysis of KEA Authenticated Key Exchange Protocol

Welcome to the resource topic for 2005/265

Security Analysis of KEA Authenticated Key Exchange Protocol

Authors: Kristin Lauter, Anton Mityagin


KEA is a Diffie-Hellman based key-exchange protocol
developed by NSA which provides mutual authentication for the
parties. It became publicly available in 1998 and since then it was
neither attacked nor proved to be secure. We analyze the security of
KEA and find that the original protocol is susceptible to a class of
attacks. On the positive side, we present a simple modification of
the protocol which makes KEA secure. We prove that the modified
protocol, called KEA+, satisfies the strongest security requirements
for authenticated key-exchange and that it retains some security
even if a secret key of a party is leaked. Our security proof is in
the random oracle model and uses the Gap Diffie-Hellman assumption.
Finally, we show how to add a key confirmation feature to KEA+ (we
call the version with key confirmation KEA+C) and discuss the
security properties of KEA+C.

ePrint: https://eprint.iacr.org/2005/265

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .