Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
Universally composable two-party and multi-party secure computation
STOC '02 Proceedings of the thiry-fourth annual ACM symposium on Theory of computing
Universally Composable Commitments
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?)
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
On the Security of RSA Encryption in TLS
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Security Analysis of IKE's Signature-Based Key-Exchange Protocol
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Universally Composable Signature, Certification, and Authentication
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Using static analysis to validate the SAML single sign-on protocol
WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
Equational Approach to Formal Analysis of TLS
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
A modular correctness proof of IEEE 802.11i and TLS
Proceedings of the 12th ACM conference on Computer and communications security
Proving a WS-federation passive requestor profile with a browser model
Proceedings of the 2005 workshop on Secure web services
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Finite-state analysis of SSL 3.0
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
HMAC is a randomness extractor and applications to TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Universally Composable Multi-party Computation Using Tamper-Proof Hardware
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Universally composable password-based key exchange
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Browser model for security analysis of browser-based protocols
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Universally composable symbolic analysis of mutual authentication and key-exchange protocols
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Risks of the CardSpace Protocol
ISC '09 Proceedings of the 12th International Conference on Information Security
Formal Analysis of the Estonian Mobile-ID Protocol
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Anonymous authentication with TLS and DAA
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Ideal key derivation and encryption in simulation-based security
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Universally composable private proximity testing
ProvSec'11 Proceedings of the 5th international conference on Provable security
Composition theorems without pre-established session identifiers
Proceedings of the 18th ACM conference on Computer and communications security
Secure mobile access to homecare patients' data
Proceedings of the 5th International Conference on Theory and Practice of Electronic Governance
Payment frameworks for the purchase of electronic products and services
Computer Standards & Interfaces
A simulation-based treatment of authenticated message exchange
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Hash function combiners in TLS and SSL
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
On the security of TLS renegotiation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Analysing TLS in the strand spaces model
Journal of Computer Security
Hi-index | 0.01 |
We present a security analysis of the complete TLS protocol in the Universal Composable security framework. This analysis evaluates the composition of key exchange functionalities realized by the TLS handshake with the message transmission of the TLS record layer to emulate secure communication sessions and is based on the adaption of the secure channel model from Canetti and Krawczyk to the setting where peer identities are not necessarily known prior the protocol invocation and may remain undisclosed. Our analysis shows that TLS, including the Diffie-Hellman and key transport suites in the uni-directional and bi-directional models of authentication, securely emulates secure communication sessions.