A Constructive Perspective on Key Encapsulation
Sandro Coretti, Ueli Maurer, and Björn Tackmann
A key-encapsulation mechanism (KEM) is a cryptographic primitive that allows anyone in possession of some partys public key to securely transmit a key to that party. A KEM can be viewed as a key-exchange protocol in which only a single message is transmitted; the main application is in combination with symmetric encryption to achieve public-key encryption of messages of arbitrary length.
The security of KEMs is usually defined in terms of a certain game that no efficient adversary can win with non-negligible advantage. A main drawback of game-based definitions is that they often do not have clear semantics, and that the security of each higher-level protocol that makes use of KEMs needs to be proved by showing a tailor-made security reduction from breaking the security of the KEM to breaking the security of the combined protocol.
We propose a novel approach to the security and applications of KEMs, following the constructive cryptography paradigm by Maurer and Renner (ICS 2011). The goal of a KEM is to construct a resource that models a shared key available to the honest parties. This resource can be used in designing and proving higher-level protocols; the composition theorem guarantees the security of the combined protocol without the need for a specific reduction.
BibTeX Citation
@inbook{CoMaTa13b,
author = {Sandro Coretti and Ueli Maurer and Björn Tackmann},
title = {A Constructive Perspective on Key Encapsulation},
editor = {Marc Fischlin and Stefan Katzenbeisser},
booktitle = {Number Theory and Cryptography},
pages = {226--239},
series = {Lecture Notes in Computer Science},
volume = {8260},
year = {2013},
publisher = {Springer},
}
Files and Links
- There are currently no associated files available.