We revisit the password-based group key exchange protocol due to Lee et al. (2004), which carries a claimed proof of security in the Bresson et al. model under the intractability of the Decisional Diffie-Hellman (DDH) and Computational Diffie-Hellman (CDH) problems. We reveal a previously unpublished flaw in the protocol and its proof, whereby we demonstrate that the protocol violates the definition of security in the model. To provide better insight into the protocol and proof failures, we present a fixed protocol. We hope our analysis will enable similar mistakes to be avoided in the future. We also revisit protocol 4 of Song and Kim (2000), and reveal a previously unpublished flaw in the protocol (i.e., a reflection attack).

The views and opinions expressed in this paper do not necessarily reflect those of the Commonwealth Government, the Minister for Justice and Customs, or the Australian Institute of Criminology. Research was performed while the author was with the Information Security Institute / Queensland University of Technology.