Security Protocols in a Nutshell

Preprint English OPEN
Toorani, Mohsen;
(2016)
  • Subject: K.6.5 | D.4.6 | E.3 | K.6.m | 94A60 | Computer Science - Cryptography and Security

Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscrip... View more
  • References (177)
    177 references, page 1 of 18

    1 Introduction 1 1.1 Security attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Security services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.3 Security mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

    2 Taxonomy of attacks 3 2.1 Attacks on security protocols . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2 Attacks on encryption schemes . . . . . . . . . . . . . . . . . . . . . . . 8 2.3 Attacks on implementations . . . . . . . . . . . . . . . . . . . . . . . . . 11

    3 Security models 14 3.1 Information-theoretic vs computational security . . . . . . . . . . . . . . 15 3.2 Idealized models in computational security . . . . . . . . . . . . . . . . . 16 3.3 Formal security models . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 3.4 Security proofs in reality . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

    4 Security models for cryptographic protocols 20 4.1 AKE protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 4.1.1 Security models for AKE protocols . . . . . . . . . . . . . . . . . 23 4.1.2 PAKE protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 4.2 Formal verification of Security Protocols . . . . . . . . . . . . . . . . . . 36

    [93] D. X. Song, D. Wagner, and X. Tian, “Timing analysis of keystrokes and timing attacks on ssh,” in Proceedings of the 10th Conference on USENIX Security Symposium - Volume 10, ser. SSYM'01. Berkeley, CA, USA: USENIX Association, 2001. [Online]. Available: http://dl.acm.org/citation.cfm?id=1251327.1251352

    [94] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Advances in Cryptology - CRYPTO'99, ser. Lecture Notes in Computer Science. Springer Berlin Heidelberg, 1999, vol. 1666, pp. 388-397.

    [95] J.-J. Quisquater and D. Samyde, “Electromagnetic analysis (ema): Measures and counter-measures for smart cards,” in Smart Card Programming and Security, ser. Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2001, vol. 2140, pp. 200-210. [Online]. Available: http://dx.doi.org/10.1007/3-540-45418-7 17

    [96] K. Gandolfi, C. Mourtel, and F. Olivier, “Electromagnetic analysis: Concrete results,” in Cryptographic Hardware and Embedded Systems - CHES'01, ser. Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2001, vol. 2162, pp. 251-261. [Online]. Available: http://dx.doi.org/10.1007/3-540-44709-1 21

    [97] M. Vuagnoux and S. Pasini, “Compromising electromagnetic emanations of wired and wireless keyboards,” in Proceedings of the 18th Conference on USENIX Security Symposium, ser. SSYM'09. Berkeley, CA, USA: USENIX Association, 2009, pp. 1-16. [Online]. Available: http://dl.acm.org/citation.cfm?id=1855768. 1855769

    [98] D. Genkin, A. Shamir, and E. Tromer, “RSA key extraction via low-bandwidth acoustic cryptanalysis,” in Advances in Cryptology - CRYPTO'14, ser. Lecture Notes in Computer Science. Springer Berlin Heidelberg, 2014, vol. 8616, pp. 444-461.

  • Related Organizations (3)
  • Metrics
Share - Bookmark