Key Agreement Based on Homomorphisms of Algebraic Structures
The authors give a generalization of the Diffie-Hellman key agreement scheme that is based on the hardness of computing homomorphic images from an algebra to another. They formulate computational and decision versions of the homomorphic image problem and devise a key agreement protocol that is secure in the Canetti-Krawczyk model under the decision homomorphic image assumption. They also give an instantiation of the protocol using an additively homomorphic symmetric encryption scheme of Armknecht and Sadeghi. They prove that the instantiation is secure under the assumption that the encryption scheme is IND-CPA secure.