Secret-key agreement without public-key. CRYPTO '93: Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology.
An attack on the Needham-Schroeder public-key authentication protocol. Information Processing Letters.
Provably secure session key distribution: the three party case. STOC '95: Proceedings of the Twenty-Seventh Annual ACM Symposium on Theory of Computing.
The inductive approach to verifying cryptographic protocols. Journal of Computer Security.
Implementation of a Provably Secure, Smartcard-Based Key Distribution Protocol. CARDIS '98: Proceedings of the International Conference on Smart Card Research and Applications.
Modelling Agents' Knowledge Inductively. Proceedings of the 7th International Workshop on Security Protocols.
Inductive verification of smart card protocols. Journal of Computer Security.
Design principles for tamper-resistant smartcard processors. WOST '99: Proceedings of the USENIX Workshop on Smartcard Technology.
Session key distribution using smart cards. EUROCRYPT '96: Proceedings of the 15th Annual International Conference on Theory and Application of Cryptographic Techniques.
Provable security [4] is a study of confidentiality within a complexity-theoretic framework. We argue that its findings are highly abstract. Our argument is supported by the mechanised inductive analysis of a smart-card-based protocol that was shown to enjoy provable security and was subsequently implemented. It appears that the protocol grants its peers no reasonable guarantee of session-key confidentiality in the realistic setting where an intruder can exploit other agents' cards. Indeed, the formal confidentiality argument rests on assumptions that no peer can verify in practice. We discover and prove that the lack of explicitness of two protocol messages is the sole cause of the protocol's weaknesses. Our argument requires significant extensions to the Inductive Approach [9] in order to model smart cards.
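The abstract names lack of explicitness as the root cause: a message that does not say which peers it binds together cannot be checked by the card that receives it, so an intruder who can drive another agent's card through a terminal can misuse a legitimately issued message. The following toy model is an added example and is not the Shoup-Rubin protocol analysed in the paper; the server S, the principals A, B and I, the field names, and the MAC-only seal/open wrapper are all assumptions made for this illustration. It contrasts a nameless ticket, which B's card must take on trust, with an explicit ticket that the card can check against what the terminal claims.

```python
"""Toy model of the explicitness principle for card-based key distribution.

Constructed example, NOT the paper's protocol. The wrapper is MAC-only
(HMAC-SHA256): integrity and origin are all the card needs to check here,
so payload confidentiality is left out to keep the example short.
"""
import hashlib
import hmac
import json
import os


def seal(key: bytes, fields: dict) -> bytes:
    """Authenticate a JSON record under a long-term card key (assumed format)."""
    body = json.dumps(fields, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"." + tag  # hex tag has no '.', so rpartition below is safe


def open_sealed(key: bytes, blob: bytes):
    """Return the record if the tag verifies under `key`, otherwise None."""
    body, _, tag = blob.rpartition(b".")
    expect = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expect):
        return None
    return json.loads(body)


class Server:
    """S hands a requester a fresh session key plus a ticket for the peer's card."""

    def __init__(self, card_keys: dict, explicit: bool):
        self.card_keys = card_keys  # long-term key shared with each card
        self.explicit = explicit

    def issue(self, requester: str, peer: str):
        session_key = os.urandom(16).hex()
        fields = {"key": session_key}
        if self.explicit:
            # Explicit variant: the sealed ticket names both peers itself.
            fields.update({"from": requester, "to": peer})
        return session_key, seal(self.card_keys[peer], fields)


class Card:
    """Tamper-resistant: never leaks its key, but obeys whatever terminal holds it."""

    def __init__(self, owner: str, key: bytes):
        self.owner = owner
        self._key = key

    def accept(self, ticket: bytes, claimed_peer: str):
        """Session key the card now believes it shares with `claimed_peer`,
        or None if the ticket is rejected."""
        fields = open_sealed(self._key, ticket)
        if fields is None:
            return None
        if "from" in fields:
            # Explicit ticket: compare the terminal's claim with what S sealed.
            if fields["from"] != claimed_peer or fields["to"] != self.owner:
                return None
        # Nameless ticket: nothing inside it contradicts the terminal, so the
        # card has to take `claimed_peer` on trust.
        return fields["key"]


def run_scenario(explicit: bool) -> dict:
    """Intruder I is a registered user who controls the terminal B's card is in."""
    keys = {name: os.urandom(32) for name in ("A", "B", "I")}
    server = Server(keys, explicit)
    b_card = Card("B", keys["B"])

    # I honestly obtains a key with B; S returns the ticket meant for B's card.
    k_ib, ticket_for_b = server.issue(requester="I", peer="B")

    # I feeds that ticket to B's card while telling it the session is with A.
    key_b_accepts = b_card.accept(ticket_for_b, claimed_peer="A")

    return {
        "b_accepted": key_b_accepts is not None,
        # If accepted, B believes this key is shared with A, yet I knows it.
        "intruder_knows_key": key_b_accepts == k_ib,
    }


if __name__ == "__main__":
    print("nameless ticket:", run_scenario(explicit=False))
    print("explicit ticket:", run_scenario(explicit=True))
```

Note that A plays no part in the run at all: A's card is never touched, so nothing A can observe distinguishes the two variants. That is the practical shape of the abstract's point that the confidentiality argument rests on assumptions about other agents' cards which a peer cannot verify.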