On the cryptographic applications of random functions
Proceedings of CRYPTO 84 on Advances in cryptology
OCB: a block-cipher mode of operation for efficient authenticated encryption
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Authenticated encryption in SSH: provably fixing the SSH binary packet protocol
Proceedings of the 9th ACM conference on Computer and communications security
Authenticated-encryption with associated-data
Proceedings of the 9th ACM conference on Computer and communications security
Reaction Attacks against several Public-Key Cryptosystems
ICICS '99 Proceedings of the Second International Conference on Information and Communication Security
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
On the Security of Joint Signature and Encryption
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS ...
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Fast Encryption and Authentication: XCBC Encryption and XECB Authentication Modes
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Secure Channels Based on Authenticated Encryption Schemes: A Simple Characterization
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Timing analysis of keystrokes and timing attacks on SSH
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Problem areas for the IP security protocols
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Concealment and its applications to authenticated encryption
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Lost in Translation: Theory and Practice in Cryptography
IEEE Security and Privacy
What can identity-based cryptography offer to web services?
Proceedings of the 2007 ACM workshop on Secure web services
Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
The implementation of a secure and pervasive multimodal Web system architecture
Information and Software Technology
Provably-secure schemes for basic query support in outsourced databases
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Cryptanalysis of the EPBC authenticated encryption mode
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
On the security of blockwise secure modes of operation beyond the birthday bound
IEEE Transactions on Information Theory
Choosing key sizes for cryptography
Information Security Tech. Report
Efficient authentication for mobile and pervasive computing
ICICS'10 Proceedings of the 12th international conference on Information and communications security
E-MACs: towards more secure and more efficient constructions of secure channels
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Cryptanalysis of two variants of PCBC mode when used for message integrity
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Error oracle attacks on CBC mode: is there a future for CBC mode encryption?
ISC'05 Proceedings of the 8th international conference on Information Security
Plaintext-Dependent decryption: a formal security treatment of SSH-CTR
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Cryptography in theory and practice: the case of encryption in IPsec
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Authenticated-Encryption with padding: a formal security treatment
Cryptography and Security
Analysis of the SSH key exchange protocol
IMACC'11 Proceedings of the 13th IMA international conference on Cryptography and Coding
Security of symmetric encryption in the presence of ciphertext fragmentation
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
The security of ciphertext stealing
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
An analysis of the EMV channel establishment protocol
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.07 |
The secure shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. Unfortunately, the current SSH authenticated encryption mechanism is insecure. In this paper, we propose several fixes to the SSH protocol and, using techniques from modern cryptography, we prove that our modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements. Furthermore, our proposed fixes will require relatively little modification to the SSH protocol and to SSH implementations. We believe that our new notions of privacy and integrity for encryption schemes with stateful decryption algorithms will be of independent interest.