Score:0

How to understand "Test() query can only be issued to a fresh session" in game-based security proof?

cn flag

In game-based security proof for key-exchange protocols, there is a Test query. The Test(U) query typically is only available to the adversary if the attacked instance U is fresh. (U represents either a participant or an oracle)

Fresh: Before the session expires, there is no SSReveal(U), SKReveal(U) or Corrupt(U) query that has been asked by the adversaries. Both U and its matching session are not locally exposed. Such session is called fresh.

SSReveal(U): this query allows the adversary to learn the session-specific state information held by U.

SKReveal(U): this query allows the adversary to learn the session key held by U.

Corrupt(U): this query allows the adversay to learn the long-term private key of U.

My questions is: if Test(U) can only be issued to fresh session, does that mean "the impersonation of the protocol participants (e.g, U) does not happen" is the premise of asking this query? If so, do we need to proof the mutual authenticity before we ask the Test(U) query?

Thank you.

Score:0
gb flag

if Test(U) can only be issued to fresh session, does that mean "the impersonation of the protocol participants (e.g, U) does not happen" is the premise of asking this query?

I don't quite understand the wording of your question, but $\mathsf{Test}(U)$ does not make sense if $U$ is a user. In authenticated key-exchange (AKE) security, you call $\mathsf{Test}$ against a session not a user, i.e., a specific instance of the key exchange protocol between two users. Neither user involved with that session which is being tested can be corrupted, because that would contradict the freshness of the session. If the adversary does not know the long-term keys, then they should not be able to impersonate the users (if the scheme is secure).

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.