School of Computing Science


Bridging theory and practice in key exchange protocols

The first objective is to develop new formal models that capture the sixth robustness principle. In the key exchange area, several formal models have been proposed, but they all seem deficient in some way. To date, there is still no consensus on which exact model is the "right" model. We believe the sixth principle is a crucial element that is missing from the existing formal model definitions.

The second goal is to standardize robust key exchange protocols, particularly, J-PAKE. Currently, there lacks a standard Password Authenticated Key Exchange (PAKE) protocol that is robust, efficient and free. Candidate schemes specified in the IEEE P1363.2 standard have all been found with security flaws. On the other hand, our J-PAKE protocol has stood years of cryptanalysis and has been widely deployed in practical applications. Its standardization is a natural step forward and will benefit the security industry in general.

Finally, we will aim to develop more key exchange protocols based on the Public Key Juggling technique and the sixth robustness principle. Existing key exchange protocols have generally discarded the prudent sixth robustness principle for the worry that the protocol would become inefficient. We believe there is no fundamental conflict between the protocol robustness and the efficiency. And we propose to combine the sixth principle and Public Key Juggling to achieve both the robustness and efficiency.