Deep Random based Key Exchange protocol resisting unlimited MITM

TL;DR

This paper introduces a novel key exchange protocol that combines Deep Random secrecy and universal hashing to achieve unconditional security against unlimited active MITM attackers, ensuring secure mutual authentication and key sharing.

Contribution

The paper presents a new protocol that guarantees resistance to unlimited MITM attacks using Deep Random secrecy combined with universal hashing, with formal proofs of security and detection capabilities.

Findings

Protocol resists unlimited MITM attacks

No residual information leaked after successful exchange

Unsuccessful attempts are detectable by legitimate parties

Abstract

We present a protocol enabling two legitimate partners sharing an initial secret to mutually authenticate and to exchange an encryption session key. The opponent is an active Man In The Middle (MITM) with unlimited computation and storage capacities. The resistance to unlimited MITM is obtained through the combined use of Deep Random secrecy, formerly introduced and proved as unconditionally secure against passive opponent for key exchange, and universal hashing techniques. We prove the resistance to MITM interception attacks, and show that (i) upon successful completion, the protocol leaks no residual information about the current value of the shared secret to the opponent, and (ii) that any unsuccessful completion is detectable by the legitimate partners. We also discuss implementation techniques.