Authentication protocols for computer networks: I
Computer Networks and ISDN Systems
Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Symmetric public-key encryption
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Source to destination communication in the presence of faults
Proceedings of the eighth annual ACM Symposium on Principles of distributed computing
Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
A semantics for a logic of authentication (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Security Mechanisms in High-Level Network Protocols
ACM Computing Surveys (CSUR)
A key distribution protocol using event markers
ACM Transactions on Computer Systems (TOCS)
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM - Special 25th Anniversary Issue
Timestamps in key distribution protocols
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
Limitations of the Kerberos authentication system
ACM SIGCOMM Computer Communication Review
Differential Cryptanalysis of DES-like Cryptosystems
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
Cryptographic protocols
Optimality of multi-domain protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On simple and secure key distribution
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Adding time to a logic of authentication
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Extending cryptographic logics of belief to key agreement protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
The KryptoKnight family of light-weight protocols for authentication and key distribution
IEEE/ACM Transactions on Networking (TON)
A Formal Language for Cryptographic Protocol Requirements
Designs, Codes and Cryptography - Special issue dedicated to Gustavus J. Simmons
Secure protocol transformation via “expansion”: from two-party to groups
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
The Risks of Compromising Secret Information
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Authenticated Diffie-Hellman Key Agreement Protocols
SAC '98 Proceedings of the Selected Areas in Cryptography
Perfectly-Secure Key Distribution for Dynamic Conferences
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Entity Authentication and Key Distribution
CRYPTO '93 Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology
On the Risk of Opening Distributed Keys
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Universally Composable Notions of Key Exchange and Secure Channels
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Lessons Learned in Implementing and Deploying Crypto Software
Proceedings of the 11th USENIX Security Symposium
Some new attacks upon security protocols
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Scalability and Flexibility in Authentication Services: The KryptoKnight Approach
INFOCOM '97 Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Formal analysis of modern security protocols
Information Sciences—Informatics and Computer Science: An International Journal
A secure and scalable group key exchange system
Information Processing Letters
Modeling insider attacks on group key-exchange protocols
Proceedings of the 12th ACM conference on Computer and communications security
Towards computationally sound symbolic analysis of key exchange protocols
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Provably secure authenticated group Diffie-Hellman key exchange
ACM Transactions on Information and System Security (TISSEC)
A Provably Secure One-Pass Two-Party Key Establishment Protocol
Information Security and Cryptology
Concrete Security for Entity Recognition: The Jane Doe Protocol
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
A Modular Security Analysis of the TLS Handshake Protocol
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
IC card-based single sign-on system that remains secure under card analysis
Proceedings of the 5th ACM workshop on Digital identity management
Several practical protocols for authentication and key exchange
Information Processing Letters
Two attacks on Neuman-Stubblebine authentication protocols
Information Processing Letters
A secure and scalable Group Key Exchange system
Information Processing Letters
Environmental requirements for authentication protocols
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
ESOP'03 Proceedings of the 12th European conference on Programming
Forward secrecy in password-only key exchange protocols
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
An efficient password-only two-server authenticated key exchange system
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Towards understanding pure publish/subscribe cryptographic protocols
Security'08 Proceedings of the 16th International conference on Security protocols
Securely propagating authentication in an ensemble of personal devices using single sign-on
ESAS'04 Proceedings of the First European conference on Security in Ad-hoc and Sensor Networks
Research note: Group-oriented authentication mechanism with key exchange
Computer Communications
Provably secure three-party authenticated key agreement protocol using smart cards
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
We investigate protocols for authenticated exchange of messages between two parties in a communication network. Secure authenticated exchange is essential for network security. It is not difficult to design simple and seemingly correct solutions for it, however, many such 'solutions' can be broken. We give some examples of such protocols and we show a useful methodology which can be used to break many protocols. In particular, we break a protocol that is being standardized by the ISO.We present a new authenticated exchange protocol which is both provably secure and highly efficient and practical. The security of the protocol is proven, based on an assumption about the the cryptosystem employed (namely, that it is secure when used in CBC mode on a certain message space). We think that this assumption is quite reasonable for many cryptosystems, and furthermore it is often assumed in practical use of the DES cryptosystem. Our protocol cannot be broken using the methodology we present (which was strong enough to catch all protocol flaws we found). The reduction to the security of the encryption mode, indeed captures the non-existence of the exposures that the methodology catches (specialized to the actual use of encryption in our protocol). Furthermore, the protocol prevents chosen plaintext or ciphertext attacks on the cryptosystem.The proposed protocol is efficient and practical in several aspects. First, it uses only conventional cryptography (like the DES, or any privately-shared one-way function) and no public-key. Second, the protocol does not require synchronized clocks or counter management. Third, only a small number of encryption operations is needed (we use no decryption), all with a single shared key. In addition, only three messages are exchanged during the protocol, and the size of these messages is minimal. These properties are similar to existing and proposed actual protocols. This is essential for integration of the proposed protocol into existing systems and embedding it in existing communication protocols.