Universally Composable Security Analysis of TLS
نویسندگان
چکیده
We present a security analysis of the complete TLS protocol in the Universal Composable security framework. This analysis evaluates the composition of key exchange functionalities realized by the TLS handshake with the message transmission of the TLS record layer to emulate secure communication sessions and is based on the adaption of the secure channel model from Canetti and Krawczyk to the setting where peer identities are not necessarily known prior the protocol invocation and may remain undisclosed. Our analysis shows that TLS, including the Diffie-Hellman and key transport suites in the uni-directional and bi-directional models of authentication, securely emulates secure communication sessions.
منابع مشابه
Universally Composable Security Analysis of TLS - Secure Sessions with Handshake and Record Layer Protocols
We present a security analysis of the complete TLS protocol in the Universal Composablesecurity framework. This analysis evaluates the composition of key exchange functionalitiesrealized by the TLS handshake with the message transmission of the TLS record layer to em-ulate secure communication sessions and is based on the adaption of the secure channel modelfrom Canetti and Kraw...
متن کاملIdeal Key Derivation and Encryption in Simulation-Based Security
Many real-world protocols, such as SSL/TLS, SSH, IPsec, IEEE 802.11i, DNSSEC, and Kerberos, derive new keys from other keys. To be able to analyze such protocols in a composable way, in this paper we extend an ideal functionality for symmetric and public-key encryption proposed in previous work by a mechanism for key derivation. We also equip this functionality with message authentication codes...
متن کاملUniversally Composable Secure Mobile Agent Computation
We study the security challenges faced by the mobile agent paradigm, where code travels and performs computations on remote hosts in an autonomous manner. We define universally composable security for mobile agent computation that is geared toward a complex networking environment where arbitrary protocol instances may be executing concurrently. Our definition provides security for all the parti...
متن کاملUniversally Composable Symbolic Analysis of Diffie-Hellman based Key Exchange
Canetti and Herzog (TCC’06) show how to efficiently perform fully automated, computationally sound security analysis of key exchange protocols with an unbounded number of sessions. A key tool in their analysis is composability, which allows deducing security of the multi-session case from the security of a single session. However, their framework only captures protocols that use public key encr...
متن کاملDetecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کامل