Authenticated key exchange provably secure against the man-in-the-middle attack.

*(English)* Zbl 0994.94027

Summary: The standard Diffie-Hellman key exchange is susceptible to an attack known as the man-in-the-middle attack. Lack of authentication in the protocol makes this attack possible. Adding separate authentication to the protocol solves the problem but adds extra transmission and computation costs. Protocols that combine the authentication with the key exchange (an authenticated key exchange) are more efficient, but until now none were provably secure against the man-in-the-middle attack. This paper describes an authenticated key exchange based on the difficulty of the \(q\)th-root problem, a problem believed to be equivalent to the discrete logarithm problem over groups of order \(q^{2}\) (where \(q\) is a large prime) and parallel to the square-root problem over the ring modulo \(N\), where \(N\) is a strong two prime composite integer. We show that mounting a man-in-the-middle attack for our protocol is equivalent to breaking the Diffie-Hellman problem in the group.