A simple, (as-of-yet unidentified) asymmetric Authenticated Key Exchange

49 points by Fethbita about 1 year ago

7 comments

notfed about 1 year ago

> The use-case is a user and a “service-provider” (of some kind, in my case a device). The device only responds to requests, performs computations in a separate computing environment and is, in this particular case, connected by USB port. There is sensitive information involved. The device, however, does not have storage capability...

I think you're over-describing your use case, to the point that it's unclear what you're really saying. I read your "Introduction" section several times, and I don't understand if you're just saying "the use case is an authenticated key exchange" or something different. That makes it hard to judge the protocol.

> Device gets authenticated

> The device, however, does not have storage capability

These two requirements are contradictory. How do you "authenticate" a server that has a different identity each time you interact with it?

> [The protocol] is built on top of a Diffie-Hellman Key Exchange

Why not just use Diffie-Hellman? What else is this offering?
crotchfire about 1 year ago

This is Noise NK, possibly with differences in the hashing details which I did not check:

https://noiseprotocol.org/noise.html#interactive-handshake-patterns-fundamental

I encourage you to use their hashing details. They're battle-tested.

WireGuard uses Noise IK, which is NK plus a static public key for the initiator which is encrypted to the agreed-upon session key without adding additional round trips. Your protocol and Noise NK omit the parts related to the initiator's static public key, because it has none.
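As an added illustration of the NK shape described above (example code, not from the thread, the submission or the Noise project): the initiator knows the device's static public key in advance, and only a responder holding the matching static secret ends up with the same transport key. X25519 is implemented in pure Python so the block is self-contained, the protocol name string is a made-up placeholder, and payload AEAD is deliberately left out.

```python
# Added example, not the thread's or Noise's code: NK-shaped handshake over pure-Python X25519.
import hashlib, hmac, os

P = 2**255 - 19
BASE = (9).to_bytes(32, "little")
def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder (demo only: the swap below is not constant-time)."""
    kb = bytearray(k)
    kb[0] &= 248; kb[31] &= 127; kb[31] |= 64                   # clamp the scalar
    k_int = int.from_bytes(kb, "little")
    x1 = int.from_bytes(u, "little") & (2**255 - 1)             # mask the top bit of u
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k_int >> t) & 1
        if swap ^ kt:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b, c, d = (x2 + z2) % P, (x2 - z2) % P, (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        e, da, cb = (aa - bb) % P, d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")
def keypair(seed=None):
    sk = seed or os.urandom(32)
    return sk, x25519(sk, BASE)

def hkdf2(ck, ikm):
    """Noise-style HKDF with two outputs: (new chaining key, key)."""
    tmp = hmac.new(ck, ikm, hashlib.sha256).digest()
    ck2 = hmac.new(tmp, b"\x01", hashlib.sha256).digest()
    return ck2, hmac.new(tmp, ck2 + b"\x02", hashlib.sha256).digest()

def transport_key(es, ee):
    """ck = H(name); MixKey(es) binds the responder's static key, MixKey(ee) adds forward secrecy."""
    ck = hashlib.sha256(b"Noise_NK_25519_SHA256_demo").digest()   # placeholder name, not registered
    ck, _ = hkdf2(ck, es)
    return hkdf2(ck, ee)[1]

def nk_handshake(rs_pk, responder_static_sk):
    """Run both sides of '-> e, es' / '<- e, ee'. The initiator only ever holds rs_pk
    (pre-message '<- s'); the responder finishes es with whatever static secret it has."""
    ei_sk, ei_pk = keypair()                                        # -> e
    er_sk, er_pk = keypair()                                        # <- e
    k_i = transport_key(x25519(ei_sk, rs_pk), x25519(ei_sk, er_pk))  # initiator: es, ee
    k_r = transport_key(x25519(responder_static_sk, ei_pk), x25519(er_sk, ei_pk))
    return k_i, k_r   # equal only if responder_static_sk is the secret behind rs_pk
```

A device that cannot hold its static secret (the thread's "no storage" case) is exactly the responder that cannot make `k_r` match `k_i`.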
pclmulqdq about 1 year ago

I think this protocol is correct-ish* when you make the strong assumptions you have made about the device, but I also don't know why you would use it. Normally, you would prefer to both have unique device public keys for domain separation (preventing re-use of IVs, etc.) combined with the ability to verify that the device public key is actually the public key of a legitimate device. Otherwise, you could have a non-legit device conduct a MITM attack by running this protocol (if you trust the device to provide its identity PK) with the user and the device separately, or you could have a counterfeit device created when sk_identity is eventually exfiltrated (if you set the identity PK as the same number for all devices at the factory - see what happens with DRM). Using some sort of device ID with a database mapping IDs to PKs also doesn't give you counterfeit protection the way a certificate does - a counterfeiter can re-use an ID. You also can't rotate your identity keys if you use this scheme.

Most cryptosystems today offer flexible-enough primitives that you can come up with a lot of different possible ways to do things like this. Whether they are useful is a different story.

IMO you should probably do something more normal, and just store the certificate chain with the device programming.

*After about 10 minutes of analysis, so YMMV taking my word for it.
mike_d about 1 year ago

I think this depends on a lot of assumptions about the capabilities of what is otherwise described as an absolutely dumb featureless device.

If the device lacks access to storage it cannot store any state. How do you ensure the RNG isn't initialized to the same value every time? I'm not sure how that impacts some of the assumptions about security here.
thadt about 1 year ago

On a cursory glance, this looks rather quite a bit like a Noise [1] pattern. One rather nice aspect of Noise is that there is a good reference chart for which security properties one should expect from different combinations - saving time on proofs.

[1] https://noiseprotocol.org
dzdt about 1 year ago

Rolling your own crypto routines of any variety is in the same category as representing yourself in a murder trial.
jonahbenton about 1 year ago

This seems to be the use case for a user communicating with a confidential computing/enclave abstraction.