Provably Secure Commitment-based Protocols over Unauthenticated Channels
Rodrigo Martín Sánchez-Ledesma, David Domingo Martín, Iván Blanco Chacón, Ignacio Luengo Velasco

TL;DR
This paper introduces a new security framework based on commitment schemes for protocols over unauthenticated channels, analyzing their security and robustness against attacks.
Contribution
It proposes an alternative model for secure communication that avoids exchanging long-term cryptographic material and applies to both KEX and KEM primitives.
Findings
Protocols are resistant to Man-in-the-Middle attacks.
The model applies to both established and new cryptographic paradigms.
Practical protocols are provided for implementation.
Abstract
In this work we construct an alternative Unauthenticated Model, intended to build a theoretic security framework to cover communications protocols whose characteristics may not always concur with the specifics of already existing models for authenticated exchanges. This model is constructed from the notion of commitment schemes, employing ephemeral information, therefore avoiding the exchange of long-term cryptographic material. From this model, we propose a number of Commitment-based protocols to establish a shared secret between two parties, and study their resistance over unauthenticated channels. This means analyzing the security of the protocol itself, and its robustness against Man-in-the-Middle attacks, by formalizing their security under this model. The key-exchange protocols are constructed from KEX and KEM primitives, to show that this model can be applied to both established…
Taxonomy
Topics: Advanced Authentication Protocols Security · User Authentication and Security Systems · RFID technology advancements
