Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
STOC '98 Proceedings of the thirtieth annual ACM symposium on Theory of computing
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Provably Authenticated Group Diffie-Hellman Key Exchange - The Dynamic Case
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Entity Authentication and Authenticated Key Transport Protocols Employing Asymmetric Techniques
Proceedings of the 5th International Workshop on Security Protocols
Key Agreement Protocols and Their Security Analysis
Proceedings of the 6th IMA International Conference on Cryptography and Coding
ACM Transactions on Information and System Security (TISSEC)
Plaintext Recovery Attacks against SSH
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
The TLS Handshake Protocol: A Modular Analysis
Journal of Cryptology
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
One-time-password-authenticated key exchange
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Modular security proofs for key agreement protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Examining indistinguishability-based proof models for key establishment protocols
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
One-Time verifier-based encrypted key exchange
PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography
Plaintext-Dependent decryption: a formal security treatment of SSH-CTR
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
| Hi-index | 0.00 |
We provide an analysis of the widely deployed SSH protocol's key exchange mechanism. We exploit the design of the SSH key exchange to perform our analysis in a modular manner. First, a shared secret key is obtained via a Diffie-Hellman key exchange. Next, a transform is applied to obtain the application keys used by later stages of SSH. We define models, following well-established paradigms, that clarify the security provided by each type of key. Previously, there has been no formal analysis of the SSH key exchange protocol. We provide a modular proof of security for the SSH shared secret and application keys. We show that although the shared secret key exchanged by SSH is not indistinguishable, the transformation then applied yields indistinguishable application keys. Our proofs use random oracles to model the hash function used within SSH.