Abstract

In this paper, we propose an authenticated key exchange (AKE) protocol under the computationalDiffie-Hellman (CDH) assumption with respect to the strengthened eCK-security (seCK-security) ofSarret al.. To date, many AKE protocols either are provably secure under a rather strong and non-standard assumption named as the gap Diffie-Hellman (GDH) assumption, or fall to practical attackson the intermediate result leakage which can be captured by the seCK model. In order to removethe gap assumption and to achieve stronger security requirements, we present the TMQV protocolusing the twinning technique and the MQV key derivation method. With the help of trapdoor testtheorem, TMQV is provably seCK-secure under the standard CDH assumption in the random oraclemodel. Compared with the related works, TMQV achieves not only stronger security but also higherimplementation efficiency with weaker cryptographic assumptions.