Bauer-Berson-Feiertag attack revisited
نویسندگان
چکیده
We show that Shoup and Rubin’s protocols are not secure against the BBF attack proposed by Bauer, Berson, and Feiertag, and propose an amendment. Furthermore, our results indicate that both Bellare and Rogaway’s security and Paulson’s security do not imply the security against the BBF attack.
منابع مشابه
On Efficient Key Agreement Protocols
A class of efficient key agreement protocols proposed by Boyd is examined. An attack is demonstrated on a round-optimal example protocol of this class, and a simple countermeasure is suggested. The whole class is known to be vulnerable to an attack proposed by Bauer, Berson and Feiertag. A new class of key agreement protocols without this vulnerability but having the same advantages in efficien...
متن کاملAutomated Analysis of Infinite Scenarios
The security of a network protocol crucially relies on the scenario in which the protocol is deployed. This paper describes syntactic constructs for modelling network scenarios and presents an automated analysis tool, which can guarantee that security properties hold in all of the (infinitely many) instances of a scenario. The tool is based on control flow analysis of the process calculus LySa ...
متن کاملStatically Detecting Message Confusions in a Multi-Protocol Setting
In a multi-protocol setting, di erent protocols are concurrently executed, and each principal can participate in more than one. The possibilities of attacks therefore increase, often due to the presence of similar patterns in messages. Messages coming from one protocol can be confused with similar messages coming from another protocol. As a consequence, data of one type may therefore be interpr...
متن کاملImproved Truncated Differential Attacks on SAFER
Knudsen and Berson have applied truncated differential attack on 5 round SAFER K-64 successfully. However, their attack is not efficient when applied on 5 round SAFER SK-64 (with the modified key schedule) and can not be applied on 6 round SAFER. In this paper, we improve the truncated differential attack on SAFER by using better truncated differential and additional filtering method. Our attac...
متن کاملOn extracting commuter information from GPS motion data
Commuters rely on realistic and real-time information in order to optimize the time spent on commuting between home and work. Delays in (urban) transport and congestion for individual motorized transport are a major issue for unnecessary long travel times. While some of these delays occur randomly, there is also a systematic component. In this paper we describe a data-driven approach to analyze...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2002 شماره
صفحات -
تاریخ انتشار 2002