Protocol HMQV; Protocol KEA ; Protocol Lemongrass-3; K_HMQV model; The AKE security.


Security models play an important role in analyzing the security of key exchange protocols. In which the security models CK [1], CK_HMQV [2], and eCK [3] are most commonly used. In [4], C.J.F Cremers pointed out that the security in these three models cannot be reduced together, i.e., a protocol that achieves security in any of the above models is not guaranteed that it will secure in the others. In addition, this work also points to several issues related to proving security for some of the protocols in these models, namely session matching. On the basis of [4], in this article, the security in the model  [2] was compared to the AKE security [8]. Besides, the report will point out a problem related to the implementation of Lemongrass-3 [9, 10], which achieves AKE security and then offer a solution to the problem.


[1]. Canetti, R., Krawczyk, H.: “Analysis of key-exchange protocols and their use for building secure channels”. In: EUROCRYPT'01. Volume 2045 of LNCS., Springer (2001) 453-474.

[2]. Krawczyk, H.: HMQV: “A high-performance secure Diffie-Hellman protocol”. In: CRYPTO 2005. Volume 3621 of Lecture Notes in Computer Science., Springer-Verlag (2005) 546-566.

[3]. LaMacchia, B., Lauter, K., Mityagin, A.: “Stronger security of authenticated key exchange”. In: ProvSec. Volume 4784 of Lecture Notes in Computer Science., Springer (2007) 1-16.

[4]. Cremers, C.: “Formally and Practically Relating the CK, CK-HMQV, and eCK Security Models for Authenticated Key Exchange”. IACR Cryptology ePrint Archive, 2009, 253.

[5]. Bellare, M., Rogaway, P.: “Entity authentication and key distribution”. In Annual international cryptology conference. Springer, Berlin, Heidelberg (1993, August) 232-249.

[6]. Bellare, M., Rogaway, P.: “Provably secure session key distribution: the three party case”. In Proceedings of the twenty-seventh annual ACM symposium on Theory of computing. ACM (1995, May) 57-66.

[7]. Bellare, M., Pointcheval, D., Rogaway, P.: “Authenticated key exchange secure against dictionary attacks”. In International conference on the theory and applications of cryptographic techniques. Springer, Berlin, Heidelberg (2000, May) 139-155.

[8]. Lauter, K., Mityagin, A.: “Security analysis of KEA authenticated key exchange protocol”. In International Workshop on Public Key Cryptography. Springer, Berlin, Heidelberg (2006, April) 378-394.

[9]. “Dự thảo Tiêu chuẩn cho giao thức trao đổi khóa của TC26”. Xem tại

[10]. Grebnev, S.: “Security properties of certain authenticated key exchange protocols”. CTCrypt 2014.



How to Cite

Triệu Quang Phong. “SOME ANALYSIS OF SECURITY MODEL FOR KEY EXCHANGE PROTOCOL”. Journal of Military Science and Technology, no. csce4, Dec. 2020, pp. 60-71,