On Bluetooth Repairing: Key Agreement Based on Symmetric-Key Cryptography

Vaudenay, Serge

doi:10.1007/11599548_1

Cited by 6 publications

(3 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Bellare and Rogaway formalised a corresponding security model [3,4] where an adversary can execute several protocol instances concurrently and succeeds in deception if at least one protocol reaches an accepting state with incorrect outputs. The model was later extended to capture security of key agreement protocols [2] and then used in the context of manual authentication [21,20,17,18].…”

Section: Security Of Parallel Compositionsmentioning

confidence: 99%

SAS-Based Group Authentication and Key Agreement Protocols

Laur¹,

Pasini

2008

Public Key Cryptography – PKC 2008

View full text Add to dashboard Cite

Abstract. New trends in consumer electronics have created a strong demand for fast, reliable and user-friendly key agreement protocols. However, many key agreement protocols are secure only against passive attacks. Therefore, message authentication is often unavoidable in order to achieve security against active adversaries. Pasini and Vaudenay were the first to propose a new compelling methodology for message authentication. Namely, their two-party protocol uses short authenticated strings (SAS) instead of pre-shared secrets or public-key infrastructure that are classical tools to achieve authenticity. In this article, we generalise this methodology for multi-party settings. We give a new group message authentication protocol that utilises only limited authenticated communication and show how to combine this protocol with classical key agreement procedures. More precisely, we describe how to transform any group key agreement protocol that is secure against passive attacks into a new protocol that is secure against active attacks.

show abstract

Section: Security Of Parallel Compositionsmentioning

confidence: 99%

SAS-Based Group Authentication and Key Agreement Protocols

Laur¹,

Pasini

2008

Public Key Cryptography – PKC 2008

View full text Add to dashboard Cite

show abstract

“…We adopt the security model from [Vau05,Vau06,PV06] based on the one from Bellare-Rogaway [BR93]. We consider a network of participants which are located at some nodes.…”

Section: Preliminariesmentioning

confidence: 99%

SAS-Based Authenticated Key Agreement

Pasini

Vaudenay

2006

Public Key Cryptography - PKC 2006

Self Cite

View full text Add to dashboard Cite

Key agreement protocols are frequently based on the Diffie-Hellman protocol but require authenticating the protocol messages in two ways. This can be made by a cross-authentication protocol. Such protocols, based on the assumption that a channel which can authenticate short strings is available (SAS-based), have been proposed by Vaudenay. In this paper, we survey existing protocols and we propose a new one. Our proposed protocol requires three moves and a single SAS to be authenticated in two ways. It is provably secure in the random oracle model. We can further achieve security with a generic construction (e.g. in the standard model) at the price of an extra move. We discuss applications such as secure peer-to-peer VoIP.

show abstract

“…The underlining assumption of this protocol is that the adversary is not listening in at least one of each n successive interactions between the Tag and the Verifier. In essence, AP 1 protocol extends the "minimalist" security model in [12] and the assumptions made in [18]. The underlying assumption of AP 1 is that each communication session is atomic.…”

Section: Introductionmentioning

confidence: 99%

RFID Authentication Efficient Proactive Information Security within Computational Security

Kopeetsky

Shamir

2009

Theory Comput Syst

View full text Add to dashboard Cite

We consider repeated communication sessions between a RFID Tag (e.g., Radio Frequency Identification, RFID Tag) and a RFID Verifier. A proactive information theoretic security scheme is proposed. The scheme is based on the assumption that the information exchanged during at least one of every n successive communication sessions is not exposed to an adversary. The Tag and the Verifier maintain a vector of n entries that is repeatedly refreshed by pairwise xoring entries, with a new vector of n entries that is randomly chosen by the Tag and sent to the Verifier as a part of each communication session. The general case in which the adversary does not listen in k ≥ 1 sessions among any n successive communication sessions is also considered. A lower bound of n·(k +1) for the number of random numbers used during any n successive communication sessions is proven. In other words, we prove that an algorithm must use at least n·(k +1) new random numbers during any n successive communication sessions. Then a randomized scheme that uses only O(n log n) new random numbers is presented. A computational secure scheme which is based on the information theoretic secure scheme is used to ensure that even in the case that the adversary listens in all the information exchanges, the communication between the Tag and the Verifier is secure.

show abstract

On Bluetooth Repairing: Key Agreement Based on Symmetric-Key Cryptography

Cited by 6 publications

References 23 publications

SAS-Based Group Authentication and Key Agreement Protocols

SAS-Based Group Authentication and Key Agreement Protocols

SAS-Based Authenticated Key Agreement

RFID Authentication Efficient Proactive Information Security within Computational Security

Contact Info

Product

Resources

About