Skip to Main Content
Recently, three key exchange protocols were proposed that integrated the Diffie-Hellman key exchange into the digital signature algorithm (DSA). It was claimed that the protocols provide known-key security and unknown key-share resilience, while the most advanced variant also provides key-replay resilience. However, we show in this paper that the protocols do not provide forward secrecy and key freshness which are two of the standard security attributes that key exchange protocols should have. We also fix the protocols such that they provide these security attributes.
Date of Publication: Jun 2005