Analysis of the SSH key exchange protocol

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7089 LNCS, Issue , 2011, Pages 356-374

  Williams, Stephen C ^a  

^a BAE SYSTEMS   (United Kingdom)

Author keywords

key exchange; security proof; SSH

Indexed keywords

A-TRANSFORM; DIFFIE-HELLMAN KEY EXCHANGE; FORMAL ANALYSIS; KEY EXCHANGE; KEY EXCHANGE MECHANISM; KEY EXCHANGE PROTOCOLS; RANDOM ORACLE; SECURITY PROOFS; SHARED SECRETS; SSH; SSH PROTOCOL;

CODES (SYMBOLS); HASH FUNCTIONS;

INTERNET PROTOCOLS;

EID: 83755180790     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-25516-8_22     Document Type: Conference Paper

References (25)

1. Abdalla, M., Chevassut, O., Pointcheval, D.: One-Time Verifier-Based Encrypted Key Exchange. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 47-64. Springer, Heidelberg (2005) (Pubitemid 41231325)
2. Albrecht, M., Paterson, K., Watson, G.: Plaintext recovery attacks against SSH. In: IEEE Symposium on Security and Privacy, pp. 16-26. IEEE Computer Society (2009)
3. Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols. In: Proceedings of the 13th Annual ACM Symposium on Theory of Computing, pp. 419-428. ACM (1998)
4. Bellare, M., Kohno, T., Namprempre, C.: Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the encode-then-encrypt-and-MAC paradigm. ACM Transactions on Information and Systems Security 7(2), 206-241 (2004)
5. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139-155. Springer, Heidelberg (2000)
6. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232-249. Springer, Heidelberg (1994)
7. Bellare, M., Rogaway, P.: Provably secure session key distribution: The three party case. In: 27th Symposium on Theory of Computing - STOC 1995, pp. 57-66. ACM (1995)
8. Blake-Wilson, S., Johnson, D., Menezes, A.: Key Agreement Protocols and their Security Analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30-45. Springer, Heidelberg (1997) (Pubitemid 128005797)
9. Blake-Wilson, S., Menezes, A.: Entity Authentication and Authenticated Key Transport Protocols Employing Asymmetric Techniques. In: Christianson, B., Lomas, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 137-158. Springer, Heidelberg (1998) (Pubitemid 128023886)
10. Bresson, E., Chevassut, O., Pointcheval, D.: Provably Authenticated Group Diffie-Hellman Key Exchange - the Dynamic Case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290-309. Springer, Heidelberg (2001)
11. Canetti, R., Krawczyk, H.: Analysis of Key Exchange Protocols and their use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453-474. Springer, Heidelberg (2001) (Pubitemid 33275848)
12. Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337-351. Springer, Heidelberg (2002)
13. Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Examining Indistinguishability- Based Proof Models for Key Establishment Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 585-604. Springer, Heidelberg (2005) (Pubitemid 43763497)
14. Dai, W.: An attack against SSH2 protocol E-mail to the SECSH Working Group (February 6, 2002), ftp://ftp.ietf.org/ietf-mail-archive/secsh/2002-02. mail
15. Diffie, W., Oorschot, P.V., Wiener, M.: Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2(2), 107-125 (1992)
16. Kudla, C.: Special signature schemes and key agreement protocols, PhD Thesis, Royal Holloway University of London (2006)
17. Kudla, C., Paterson, K.G.: Modular Security Proofs for Key Agreement Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 549-565. Springer, Heidelberg (2005) (Pubitemid 43763495)
18. Morrissey, P., Smart, N., Warinschi, B.: The TLS handshake protocol: A modular analysis. Journal of Cryptology 23(2), 187-223 (2010)
19. Paterson, K.G., Stebila, D.: One-Time-Password-Authenticated Key Exchange. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 264-281. Springer, Heidelberg (2010)
20. Paterson, K., Watson, G.: Plaintext-Dependent Decryption: A Formal Security Treatment of SSH-CTR. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 345-361. Springer, Heidelberg (2010)
21. Shoup, V.: On formal models for secure key exchange (version 4) (1999) (preprint)
22. Ylonen, T., Lonvick, C.: The secure shell (SSH) protocol architecture (2006) RFC 4251
23. Ylonen, T., Lonvick, C.: The secure shell (SSH) authentication protocol (2006) RFC 4252
24. Ylonen, T., Lonvick, C.: The secure shell (SSH) transport layer protocol (2006) RFC 4253
25. Ylonen, T., Lonvick, C.: The secure shell (SSH) connection protocol (2006) RFC 4254