Skip to Main content Skip to Navigation
Conference papers

Forward Secure Non-Interactive Key Exchange

David Pointcheval 1, 2, 3 Olivier Sanders 1, 2, 3, 4
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : Exposure of secret keys is a major concern when cryptographic protocols are implemented on weakly secure devices. Forward security is thus a way to mitigate damages when such an event occurs. In a forward-secure scheme, the public key is indeed fixed while the secret key is updated with a one-way process at regular time periods so that security of the scheme is ensured for any period prior to the exposure, since previous secret keys cannot be recovered from the corrupted one. Efficient constructions have been proposed for digital signatures or public-key encryption schemes, but none for non-interactive key exchange protocols, while the non-interactivity makes them quite vulnerable since the public information cannot evolve from an execution to another one.In this paper we present a forward-secure non-interactive key exchange scheme with sub-linear complexity in the number of time periods. Our protocol is described using generic leveled multilinear maps, but we show that it is compatible with the recently introduced candidates for such maps. We also discuss various security models for this primitive and prove that our scheme fulfills them, under standard assumptions.
Document type :
Conference papers
Complete list of metadata
Contributor : David Pointcheval <>
Submitted on : Saturday, November 29, 2014 - 11:01:29 PM
Last modification on : Thursday, July 1, 2021 - 5:58:06 PM

Links full text




David Pointcheval, Olivier Sanders. Forward Secure Non-Interactive Key Exchange. SCN '14, Sep 2014, Amalfi, Italy. pp.21-39, ⟨10.1007/978-3-319-10879-7_2⟩. ⟨hal-01089001⟩



Record views