English

Merkle's Key Agreement Protocol is Optimal: An $O(n^2)$ Attack on any Key Agreement from Random Oracles

Computational Complexity 2019-04-02 v4
Authors: Boaz Barak , Mohammad Mahmoody
View on arXiv PDF

Abstract

We prove that every key agreement protocol in the random oracle model in which the honest users make at most nn queries to the oracle can be broken by an adversary who makes O(n2)O(n^2) queries to the oracle. This improves on the previous Ω~(n6)\widetilde{\Omega}(n^6) query attack given by Impagliazzo and Rudich (STOC '89) and resolves an open question posed by them. Our bound is optimal up to a constant factor since Merkle proposed a key agreement protocol in 1974 that can be easily implemented with nn queries to a random oracle and cannot be broken by any adversary who asks o(n2)o(n^2) queries.

Cite

@article{arxiv.0801.3669,
  title  = {Merkle's Key Agreement Protocol is Optimal: An $O(n^2)$ Attack on any Key Agreement from Random Oracles},
  author = {Boaz Barak and Mohammad Mahmoody},
  journal= {arXiv preprint arXiv:0801.3669},
  year   = {2019}
}

Comments

This version fixes a bug in the proof of the previous version of this paper, see "Correction of Error" paragraph and Appendix A

Related papers

View all related →
Computational Complexity · Computer Science
Breaking One-Round Key-Agreement Protocols in the Random Oracle Model
Miroslava Sotakova
2009-03-24
Cryptography and Security · Computer Science
On the Communication Complexity of Key-Agreement Protocols
Iftach Haitner, Noam Mazor, Rotem Oshman, Omer Reingold +1
2021-05-07
Quantum Physics · Physics
Key establishment \`a la Merkle in a quantum world
Gilles Brassard, Peter Hoyer, Kassem Kalach, Marc Kaplan +2
2015-02-16
Quantum Physics · Physics
Provably secure key establishment against quantum adversaries
Aleksandrs Belovs, Gilles Brassard, Peter Hoyer, Marc Kaplan +2
2021-03-23
Distributed, Parallel, and Cluster Computing · Computer Science
Nearly-Optimal Consensus Tolerating Adaptive Omissions: Why is a Lot of Randomness Needed?
Mohammad T. Hajiaghayi, Dariusz R. Kowalski, Jan Olkowski
2024-05-27
Quantum Physics · Physics
Tight Bounds for Inverting Permutations via Compressed Oracle Arguments
Ansis Rosmanis
2022-01-21
Quantum Physics · Physics
A Private Quantum Bit String Commitment
Mariana Gama, Paulo Mateus, André Souto
2020-04-22
Computational Complexity · Computer Science
Lower Bounds on Signatures from Symmetric Primitives
Boaz Barak, Mohammad Mahmoody
2019-04-02
Quantum Physics · Physics
Superposition Attacks on Cryptographic Protocols
Ivan Damgaard, Jakob Funder, Jesper Buus Nielsen, Louis Salvail
2011-09-01
Quantum Physics · Physics
Quantum Advantage with Faulty Oracle
David Rasmussen Lolck, Laura Mančinska, Manaswi Paraashar
2024-11-08
Machine Learning · Computer Science
How to Query An Oracle? Efficient Strategies to Label Data
Farshad Lahouti, Victoria Kostina, Babak Hassibi
2021-10-07
Machine Learning · Computer Science
Optimal Clustering with Noisy Queries via Multi-Armed Bandit
Jinghui Xia, Zengfeng Huang
2022-07-13
Distributed, Parallel, and Cluster Computing · Computer Science
Breaking the O(n^2) Bit Barrier: Scalable Byzantine agreement with an Adaptive Adversary
Valerie King, Jared Saia
2010-02-25
Cryptography and Security · Computer Science
On the Security of Wang's Provably Secure Identity-based Key Agreement Protocol
Maurizio Adriano Strangio
2013-12-17
Quantum Physics · Physics
Limitation of Quantum Walk Approach to the Maximum Matching Problem
Alcides Gomes Andrade Júnior, Akira Matsubayashi
2025-10-31
Quantum Physics · Physics
Oracles and query lower bounds in generalised probabilistic theories
Howard Barnum, Ciarán M. Lee, John H. Selby
2018-07-30
Information Theory · Computer Science
Robust Key Agreement Schemes
Terence Chan, Ning Cai, Alex Grant
2009-01-30
Distributed, Parallel, and Cluster Computing · Computer Science
Population Protocols for Exact Plurality Consensus -- How a small chance of failure helps to eliminate insignificant opinions
Gregor Bankhamer, Petra Berenbrink, Felix Biermeier, Robert Elsässer +3
2024-02-12
Networking and Internet Architecture · Computer Science
Secure End-to-End Communication with Optimal Throughput in Unreliable Networks
Paul Bunn, Rafail Ostrovsky
2013-10-29
Distributed, Parallel, and Cluster Computing · Computer Science
A Generic Efficient Biased Optimizer for Consensus Protocols
Yehonatan Buchnik, Roy Friedman
2019-08-08
Cryptography and Security · Computer Science
ACon$^2$: Adaptive Conformal Consensus for Provable Blockchain Oracles
Sangdon Park, Osbert Bastani, Taesoo Kim
2023-03-08
Quantum Physics · Physics
Authenticated Multiparty Quantum Key Agreement for Optical-Ring Quantum Communication Networks
Li-Zhen Gao, Xin Zhang, Song Lin, Ning Wang +1
2023-04-03
Distributed, Parallel, and Cluster Computing · Computer Science
Breaking the $\tilde\Omega(\sqrt{n})$ Barrier: Fast Consensus under a Late Adversary
Peter Robinson, Christian Scheideler, Alexander Setzer
2018-05-03
Quantum Physics · Physics
Quantum Oracle Interrogation: Getting all information for almost half the price
Wim van Dam
2007-05-23
Data Structures and Algorithms · Computer Science
Random-Order Interval Selection
Allan Borodin, Christodoulos Karavasilis
2025-06-03
R2 v1 2026-06-21T10:05:54.096Z