Towards denial-of-service-resilient key agreement protocols

DoS-CMQV: A denial-of-service-resilient adaptation of the CMQV protocol.


Denial of services is an important practical consideration for key agreement protocols in any hostile environment such as the Internet. There are well-known models that consider the security of key agreement protocols, but denial of service resistance is not considered as part of these models. Many protocols have been argued to be denial of service-resistant, but in most cases the arguments are informal and it is not immediately clear how two denial of service resistance definitions relate to each other.

In this work we propose a formal definition of denial of service resistance, a model for secure authenticated key agreement, and show how security and denial of service resistance can be considered in a common framework. Our model accommodates a variety of techniques for achieving denial of service resistance, and we describe one such technique by exhibiting a denial of service-resistant secure authenticated key agreement protocol.

Keywords: denial of service, key agreement


Douglas Stebila, Berkant Ustaoglu. Towards denial-of-service-resilient key agreement protocols. In Colin Boyd, Juan González Nieto, editors, Proc. 14th Australasian Conference on Information Security and Privacy (ACISP) 2009, LNCS, vol. 5594, pp. 389-406. Springer, July 2009. © Springer.




This research was supported by:
  • NSERC Canada Graduate Scholarship