Formal Proofs of Cryptographic Security of Diffie-Hellman-Based Protocols

Datta, Anupam; Mitchell, John C.

doi:10.1007/978-3-540-78663-4_21

Cited by 20 publications

(26 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Numerous references [168,171,172,174,176,177] provide formal security analysis and proof for the security strengths of the Suite-B algorithms, which are considered secure based on today's computational power. These are explained below:…”

Section: Security Analysismentioning

confidence: 99%

See 1 more Smart Citation

An application layer non-repudiation wireless system: A cross-layer approach

Adibi

2010

2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)

View full text Add to dashboard Cite

Non-repudiation techniques are to ensure any communication taking place between two or more parties will be undeniable. Therefore it is crucial to include digital signatures of the involving parties while the communication is taking place. In medical practices, involved parties include; patient(s), doctor(s), pharmacist(s), who are involved in series of visits, diagnosis, prescriptions, and possible operations. To avoid possible conflicts, deploying non-repudiation techniques help immensely. This thesis considers this issue in a wireless medium and studies the Quality of Service (QoS)/Security requirements in terms of network parameters and performance metrics.In terms of research contributions, this thesis embodies a thorough research on layered and cross-layer QoS and security schemes, in particular, featuring an adaptive Forward Error Correction (FEC) at the application layer, adapting to channel conditions. This leads to a cross layer design, which considers various QoS and security parameters export and import to and from various layers with a special focus on the application layer.The aim of this thesis is to consider a practical implementation and associated complexities of a non-repudiation system, including analytical and experimental testbeds and results. The security schemes are based on Suite-B cryptographic algorithms, including: The Elliptic Curve Diffie-Hellman (ECDH) for key agreement, the Advanced Encryption Standard -Galois/Counter Mode (AES-GCM) for encryption and authentication, the Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures, and the Secure Hash Algorithm (SHA) for integrity. A key aspect of Suite-B is the deployment of Elliptic Curve Cryptography (ECC).The non-repudiation aspect of this thesis is based on the Suite-B's digital signature scheme; ECDSA. The digital signature and the hashing function target the entire multimedia data (i.e., text, video, and voice) and the challenge is to offer such extensive security treatment, while guaranteeing certain Quality of Service settings. These settings include: minimum round trip delay, maximum overhead, and minimum bandwidth allocation.iv

show abstract

Section: Security Analysismentioning

confidence: 99%

“…Reference [168] presents formal security analysis and proof for the security strength of Diffie-Hellman (DH) and DH-based protocols. This can be generalized to ECDH, which is also based on DH.…”

mentioning

confidence: 99%

An application layer non-repudiation wireless system: A cross-layer approach

Adibi

2010

2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)

View full text Add to dashboard Cite

show abstract

“…Roy et al [52] also proved computational security of Kerberos. In [53], Roy et al proved computational security of the PKINIT operation mode ("DH mode") that we do not consider here, as well as security of IKEv2. As another example of cryptographic proofs of security of an industrial-scale protocol, Gajek et al [34] proved security properties of TLS.…”

Section: Related Workmentioning

confidence: 99%

“…As noted above, DH mode has been analyzed by Roy et al [53]. Figure 2 illustrates the AS exchange when the fixed version (which defends against the attack of [24][25][26]) of PKINIT is used.…”

mentioning

confidence: 99%

Cryptographically Sound Security Proofs for Basic and Public-Key Kerberos

Backes

Cervesato

Jaggard

et al. 2006

Computer Security – ESORICS 2006

View full text Add to dashboard Cite

We present a computational analysis of basic Kerberos with and without its public-key extension PKINIT in which we consider authentication and key secrecy properties. Our proofs rely on the Dolev-Yaostyle model of Backes, Pfitzmann, and Waidner, which allows for mapping results obtained symbolically within this model to cryptographically sound proofs if certain assumptions are met. This work was the first verification at the computational level of such a complex fragment of an industrial protocol. By considering a recently fixed version of PKINIT, we extend symbolic correctness results we previously attained in the DolevYao model to cryptographically sound results in the computational model.

show abstract

“…Several groups of researchers have taken steps to connect the symbolic model to the probabilistic polynomial-time computational model used in cryptographic studies, e.g., [23-29, 3, 4, 30]. Protocol Composition Logic has been used to prove correctness of versions of Kerberos in the symbolic model [31], and in the computational model [32], with errors in the Diffie-Hellman variant of Kerberos and proofs of security presented in [33]. Connections between symbolic trace properties and computational soundness properties are developed in [34].…”

Section: Introductionmentioning

confidence: 99%

Analysis of EAP-GPSK Authentication Protocol

Mitchell

Rowe

Scedrov

2008

Applied Cryptography and Network Security

Self Cite

View full text Add to dashboard Cite

Abstract. The EAP-GPSK protocol is a lightweight, flexible authentication protocol relying on symmetric key cryptography. It is part of an ongoing IETF process to develop authentication methods for the EAP framework. We analyze the protocol and find three weaknesses: a repairable Denial-of-Service attack, an anomaly with the key derivation function used to create a short-term master session key, and a ciphersuite downgrading attack. We propose fixes to these anomalies, and use a finite-state verification tool to search for remaining problems after making these repairs. We then prove the fixed version correct using a protocol verification logic. We discussed the attacks and our suggested fixes with the authors of the specification document which has subsequently been modified to include our proposed changes.

show abstract

Formal Proofs of Cryptographic Security of Diffie-Hellman-Based Protocols

Cited by 20 publications

References 42 publications

An application layer non-repudiation wireless system: A cross-layer approach

An application layer non-repudiation wireless system: A cross-layer approach

Cryptographically Sound Security Proofs for Basic and Public-Key Kerberos

Analysis of EAP-GPSK Authentication Protocol

Contact Info

Product

Resources

About