SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman
E831959
"SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman" is a foundational cryptographic protocol framework that securely combines digital signatures and message authentication codes to provide authenticated key exchange in Diffie‑Hellman–based systems and underlies the design of several widely used Internet security protocols.
All labels observed (1)
| Label | Occurrences |
|---|---|
| SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman (canonical) | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T9961805 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman
Context triple: [Hugo Krawczyk, notableWork, SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman]
- A. Secrecy, Authentication, and Public Key Systems: "Secrecy, Authentication, and Public Key Systems" is Ralph Merkle's influential doctoral thesis that helped lay the foundations of modern public-key cryptography and secure communication protocols.
- B. Curve25519-based schemes: Curve25519-based schemes are cryptographic protocols and algorithms that use the Curve25519 elliptic curve to provide efficient, high-security public-key operations such as key exchange and digital signatures.
- C. Diffie–Hellman key exchange: Diffie–Hellman key exchange is a foundational cryptographic protocol that enables two parties to securely establish a shared secret over an insecure communication channel.
- D. Simultaneous Authentication of Equals: Simultaneous Authentication of Equals is a secure password-based key exchange protocol that protects Wi‑Fi connections from offline dictionary attacks and improves authentication robustness.
- E. New Directions in Cryptography: New Directions in Cryptography is a landmark 1976 paper that introduced the concepts of public-key cryptography and digital signatures, fundamentally reshaping modern cryptography and secure communications.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman
Target entity description: "SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman" is a foundational cryptographic protocol framework that securely combines digital signatures and message authentication codes to provide authenticated key exchange in Diffie‑Hellman–based systems and underlies the design of several widely used Internet security protocols.
- A. Secrecy, Authentication, and Public Key Systems: "Secrecy, Authentication, and Public Key Systems" is Ralph Merkle's influential doctoral thesis that helped lay the foundations of modern public-key cryptography and secure communication protocols.
- B. Curve25519-based schemes: Curve25519-based schemes are cryptographic protocols and algorithms that use the Curve25519 elliptic curve to provide efficient, high-security public-key operations such as key exchange and digital signatures.
- C. Fiat–Shamir heuristic: The Fiat–Shamir heuristic is a cryptographic technique that transforms interactive proof systems into non-interactive ones using hash functions, widely used in digital signatures and zero-knowledge proofs.
- D. Diffie–Hellman key exchange: Diffie–Hellman key exchange is a foundational cryptographic protocol that enables two parties to securely establish a shared secret over an insecure communication channel.
- E. Simultaneous Authentication of Equals: Simultaneous Authentication of Equals is a secure password-based key exchange protocol that protects Wi‑Fi connections from offline dictionary attacks and improves authentication robustness.
- F. None of above. chosen
Statements (43)
| Predicate | Object |
|---|---|
| instanceOf | authenticated key exchange protocol; cryptographic protocol framework |
| abbreviationOf | SIGn‑and‑MAc |
| aimsToAvoid | identity misbinding attacks; key‑control by an adversary; unknown key‑share attacks |
| basedOn | Diffie‑Hellman key exchange |
| category | key establishment; protocol design framework; public‑key cryptography |
| component | Diffie‑Hellman exponentials exchanged between parties; MACs keyed with the derived Diffie‑Hellman secret; digital signatures on protocol data |
| designedFor | Internet security protocols |
| designGoal | clean separation between authentication and key derivation; efficiency in number of rounds and computations; support for identity protection of initiator and responder |
| goal | securely combine signatures and MACs in Diffie‑Hellman key exchange |
| influenced | IKEv2; TLS key exchange designs; other authenticated Diffie‑Hellman protocols |
| notableFeature | generic template that can be instantiated with different primitives; influential in the theory and practice of AKE protocols |
| property | explicit key confirmation (in suitable instantiations); resistance to key‑compromise impersonation (KCI) in standard models; resistance to man‑in‑the‑middle attacks; resistance to replay attacks |
| provides | authenticated key exchange; forward secrecy; identity protection; mutual authentication |
| reliesOn | hardness of the Diffie‑Hellman problem; security of underlying MAC scheme; security of underlying signature scheme |
| securityModel | provable security under standard cryptographic assumptions |
| structure | sign‑then‑MAC design pattern; use of MACs over transcript including identities and Diffie‑Hellman values |
| supports | different Diffie‑Hellman groups; various authentication methods via signatures |
| usedIn | IPsec key management designs; Internet Key Exchange protocols |
| uses | digital signatures; message authentication codes |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman Description of subject: "SIGMA: the SIGn‑and‑MAc approach to authenticated Diffie‑Hellman" is a foundational cryptographic protocol framework that securely combines digital signatures and message authentication codes to provide authenticated key exchange in Diffie‑Hellman–based systems and underlies the design of several widely used Internet security protocols.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.