Computationally secure two-round authenticated message exchange

Authors:
Klaas Ole Kürtz;Henning Schnoor;Thomas Wilke
Affiliations:
Christian-Albrechts-Universität zu Kiel, Kiel, Germany;Christian-Albrechts-Universität zu Kiel, Kiel, Germany;Christian-Albrechts-Universität zu Kiel, Kiel, Germany
Venue:
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Year:
2010

Citing 17
Cited 0

Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Timestamps in key distribution protocols

Communications of the ACM
Using encryption for authentication in large networks of computers

Communications of the ACM
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR

TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
On the Security of Joint Signature and Encryption

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption

FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Universally Composable Security: A New Paradigm for Cryptographic Protocols

FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
A composable cryptographic library with nested operations

Proceedings of the 10th ACM conference on Computer and communications security
A semantics for web services authentication

Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A computational analysis of the Needham-Schroeder-(Lowe) protocol

Journal of Computer Security
Simulation-Based Security with Inexhaustible Interactive Turing Machines

CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
A survey of algebraic properties used in cryptographic protocols

Journal of Computer Security
Concurrent Composition of Secure Protocols in the Timing Model

Journal of Cryptology
Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code

CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Time bounded random access machines

Journal of Computer and System Sciences
A simulation-based treatment of authenticated message exchange

ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Universally composable symbolic analysis of mutual authentication and key-exchange protocols

TCC'06 Proceedings of the Third conference on Theory of Cryptography

Quantified Score

Hi-index	0.00

Visualization

Abstract

We prove secure a concrete and practical two-round authenticated message exchange protocol which reflects the authentication mechanisms for web services discussed in various standardization documents. The protocol consists of a single client request and a subsequent server response and works under the realistic assumptions that the responding server is long-lived, has bounded memory, and may be reset occasionally. The protocol is generic in the sense that it can be used to implement securely any service based on authenticated message exchange, because request and response can carry arbitrary payloads. Our security analysis is a computational analysis in the Bellare-Rogaway style and thus provides strong guarantees; it is novel from a technical point of view since we extend the Bellare-Rogaway framework by timestamps and payloads with signed parts.