Towards denial-of-service-resilient key agreement protocols

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5594 LNCS, Issue , 2009, Pages 389-406

  Stebila, Douglas ^a   Ustaoglu, Berkant ^b  

^a QUEENSLAND UNIVERSITY OF TECHNOLOGY   (Australia)

^b NTT CORPORATION   (Japan)

Author keywords

[No Author keywords available]

Indexed keywords

AUTHENTICATED KEY AGREEMENT; AUTHENTICATED KEY AGREEMENT PROTOCOLS; CLIENT PUZZLES; DENIAL OF SERVICE; FORMAL DEFINITION; HOSTILE ENVIRONMENTS; KEY AGREEMENT PROTOCOL;

INTERNET PROTOCOLS; NETWORK PROTOCOLS; PUBLIC KEY CRYPTOGRAPHY; TRANSMISSION CONTROL PROTOCOL;

NETWORK SECURITY;

EID: 70350639691     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-02620-1_27     Document Type: Conference Paper

References (28)

1. Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232-249. Springer, Heidelberg (1994)
2. Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355. Springer, Heidelberg (1997)
3. Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453-474. Springer, Heidelberg (2001)
4. Krawczyk, H.: HMQV: A high-performance secure Diffie-Hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 546-566. Springer, Hei-delberg (2005)
5. LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1-16. Springer, Heidelberg (2007)
6. Boyd, C., Mathuria, A.: Protocols for Authentication and Key Establishment. Springer, Heidelberg (2003)
7. Wang, X., Reiter, M.: Defending against denial-of-service attacks with puzzle auctions. In: Proc. 2003 IEEE Symposium on Security and Privacy (SP 2003), pp. 78-92. IEEE Press, Los Alamitos (2003)
8. Aura, T., Nikander, P.: Stateless connections. In: Han, Y., Okamoto, T., Qing, S. (eds.) ICICS 1997. LNCS, vol. 1334, pp. 87-97. Springer, Heidelberg (1997)
9. Meadows, C.: A formal framework and evaluation method for network denial of service. In: Proc. 1999 IEEE Computer Security Foundations Workshop (CSFW), vol. 4, IEEE Computer Society Press, Los Alamitos (1999)
10. Gong, L., Syverson, P.: Fail-stop protocols: An approach to designing secure protocols. In: Proceedings of the 5th IFIP Working Conference on Dependable Computing for Critical Applications (DCCA-5), pp. 44-55 (September 1995)
11. Diffie, W., van Oorschot, P., Wiener, M.J.: Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2(2), 107-125 (1992)
12. Smith, J., Gonzalez-Nieto, J., Boyd, C.: Modelling denial of service attacks on JFK with Meadows's cost-based framework. In: Buyya, R., Ma, T., Safavi-Naini, R., Steketee, C., Susilo, W. (eds.) Proc. 4th Australasian Information Security Workshop-Network Security (AISW-NetSec) 2006. CRPIT, vol. 54, pp. 125-134. Australian Computer Society (2006)
13. Karn, P., Simpson, W.A.: Photuris: Session-key management protocol, RFC 2522 (March 1999)
14. Krawczyk, H.: SIGMA: The 'SIGn-and-MAc' approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400-425. Springer, Heidelberg (2003)
15. Kaufman, C.: Internet Key Exchange (IKEv2) protocol, RFC 4306 (December 2005)
16. Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A.D., Reingold, O.: Just Fast Keying: Key agreement in a hostile Internet. ACM Transactions on Information and System Security 7(2), 1-30 (2004)
17. Mao, W., Paterson, K.G.: On the plausible deniability feature of Internet protocols (manuscript, 2002)
18. Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139-147. Springer, Heidelberg (1993)
19. Back, A.: A partial hash collision based postage scheme (1997), http://www.hashcash.org/papers/announce.txt
20. Juels, A., Brainard, J.: Client puzzles: A cryptographic countermeasure against connection depletion attacks. In: Proc. Internet Society Network and Distributed System Security Symposium (NDSS), pp. 151-165. Internet Society (1999)
21. Abadi, M., Burrows, M., Manasse, M., Wobber, T.: Moderately hard, memory-bound functions. In: Proc. Internet Society Network and Distributed System Security Symposium (NDSS 2003). Internet Society (2003)
22. Waters, B., Juels, A., Halderman, J.A., Felten, E.W.: New client puzzle outsourcing techniques for DoS resistance. In: Proc. 11th ACM Conference on Computer and Communications Security (CCS), pp. 246-256. ACM, New York (2004)
23. Aura, T., Nikander, P., Leiwo, J.: DOS-resistant authentication with client puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, pp. 170-177. Springer, Heidelberg (2001)
24. Eddy, W.M.: TCP SYN flooding attacks and common mitigations, RFC 4987 (August 2007)
25. Jakobsson, M., Juels, A.: Proofs of work and bread pudding protocols. In: Preneel, B. (ed.) Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security. IFIP Conference Proceedings, vol. 152, pp. 258-272. Kluwer Academic Publishers, Dordrecht (1999)
26. Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Designs, Codes and Cryptography 46(3), 329-342 (2008)
27. Okamoto, T., Pointcheval, D.: The gap-problems: A new class of problems for the security of cryptographic schemes. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 104-118. Springer, Heidelberg (2001)
28. Moskowitz, R., Nikander, P., Jokela, P., Henderson, T.R.: Host Identity Protocol, Internet-Draft (February 2004)