Deriving Secrecy in Key Establishment Protocols
نویسندگان
چکیده
Secrecy and authenticity properties of protocols are mutually dependent: every authentication is based on some secrets, and every secret must be authenticated. This interdependency is a significant source of complexity in reasoning about security. We describe a method to simplify it, by encapsulating the authenticity assumptions needed in the proofs of secrecy. This complements the method for encapsulating the secrecy assumptions in proofs of authenticity, presented in [1]. While logically straightforward, this idea of encapsulation in general, and the present treatment of secrecy in particular, allow formulating scalable and reusable reasoning patterns about the families of protocols of practical interest. The approach evolved as a design strategy in the Protocol Derivation Assistant (Pda), a semantically based environment and toolkit for derivational approach to security [2, 3].
منابع مشابه
Forward Secrecy and Its Application to Future Mobile Communications Security
Perfect forward secrecy, one of the possible security features provided by key establishment protocols, concerns dependency of a session key upon long-term secret keys (symmetric or asymmetric). The feature promises that even if a long-term private key is disclosed to any adversary, the session keys established in the protocol runs using the long-term key would not be compromised. The importanc...
متن کاملQuantum Key Distribution in the Classical Authenticated Key Exchange Framework
Key establishment is a crucial primitive for building secure channels in a multi-party setting. Without quantum mechanics, key establishment can only be done under the assumption that some computational problem is hard. Since digital communication can be easily eavesdropped and recorded, it is important to consider the secrecy of information anticipating future algorithmic and computational dis...
متن کاملImproving Efficiency and Simplicity of Tor Circuit Establishment and Hidden Services
In this paper we demonstrate how to reduce the overhead and delay of circuit establishment in the Tor anonymizing network by using predistributed Diffie-Hellman values. We eliminate the use of RSA encryption and decryption from circuit setup, and we reduce the number of DH exponentiations vs. the current Tor circuit setup protocol while maintaining immediate forward secrecy. We also describe sa...
متن کاملAuthenticated Key Exchange Protocols for Parallel
We study the problem of key establishment for secure many-to-many communications. The problem is inspired by the proliferation of large-scale distributed file systems supporting parallel access to multiple storage devices. Our work focuses on the current Internet standard for such file systems, i.e., parallel Network File System (pNFS), which makes use of Kerberos to establish parallel session ...
متن کاملDenial-of-service resistance in key establishment
Denial of Service (DoS) attacks are an increasing problem for network connected systems. Key establishment protocols are applications that are particularly vulnerable to DoS attack as they are typically required to perform computationally expensive cryptographic operations in order to authenticate the protocol initiator and to generate the cryptographic keying material that will subsequently be...
متن کامل