TLS, PACE, and EAC: ACryptographic View at Modern Key Exchange Protocols
نویسندگان
چکیده
To establish a secure channel between two parties common security solutions often use a key exchange protocol as a preliminary subroutine to generate a shared key. These solutions include the protocols for secure communication between a reader and an identity card or passport, called PACE and EAC, and the TLS protocol for secure web communication. In this work we survey the cryptographic status of these protocols and the recent developments in this area.
منابع مشابه
Safely Exporting Keys from Secure Channels - On the Security of EAP-TLS and TLS Key Exporters
We investigate how to safely export additional cryptographic keys from secure channel protocols, modelled with the authenticated and confidential channel establishment (ACCE) security notion. For example, the EAP-TLS protocol uses the Transport Layer Security (TLS) handshake to output an additional shared secret which can be used for purposes outside of TLS, and the RFC 5705 standard specifies ...
متن کاملAttacks on re-keying and renegotiation in Key Exchange Protocols Bachelor Thesis
The TLS protocol has been a subject of studies, analyses and verification attempts over the years, but a recently discovered attack against the key renegotiation in the TLS protocol underlined the need to more thoroughly study the key renegotiation phase and focus on aspects not investigated before. We study the key renegotiation phase of the TLS protocol and use formal models for automatic ver...
متن کاملDetecting Bot Networks Based On HTTP And TLS Traffic Analysis
Abstract— Bot networks are a serious threat to cyber security, whose destructive behavior affects network performance directly. Detecting of infected HTTP communications is a big challenge because infected HTTP connections are clearly merged with other types of HTTP traffic. Cybercriminals prefer to use the web as a communication environment to launch application layer attacks and secretly enga...
متن کاملPRF-ODH: Relations, Instantiations, and Impossibility Results
The pseudorandom-function oracle-Diffie–Hellman (PRF-ODH) assumption has been introduced recently to analyze a variety of DH-based key exchange protocols, including TLS 1.2 and the TLS 1.3 candidates, as well as the extended access control (EAC) protocol. Remarkably, the assumption comes in different flavors in these settings and none of them has been scrutinized comprehensively yet. In this pa...
متن کاملTranscript Collision Attacks: Breaking Authentication in TLS, IKE and SSH
In response to high-profile attacks that exploit hash function collisions, software vendors have started to phase out the use of MD5 and SHA-1 in third-party digital signature applications such as X.509 certificates. However, weak hash constructions continue to be used in various cryptographic constructions within mainstream protocols such as TLS, IKE, and SSH, because practitioners argue that ...
متن کامل