On the security of TLS-DHE in the standard model

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7417 LNCS, Issue , 2012, Pages 273-293

  Jager, Tibor ^a   Kohlar, Florian ^b   Schäge, Sven ^c   Schwenk, Jörg ^b  

^a KARLSRUHE INSTITUTE OF TECHNOLOGY   (Germany)

^b RUHR UNIVERSITY BOCHUM   (Germany)

^c UNIVERSITY COLLEGE LONDON   (United Kingdom)

Author keywords

authenticated key exchange; ephemeral Diffie Hellman; provable security; SSL; TLS

Indexed keywords

AUTHENTICATED KEY EXCHANGE; DIFFIE HELLMAN; PROVABLE SECURITY; SSL; TLS;

PUBLIC KEY CRYPTOGRAPHY; SECURITY OF DATA;

SEEBECK EFFECT;

EID: 84865461888     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-32009-5_17     Document Type: Conference Paper

References (24)

1. Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143-158. Springer, Heidelberg (2001)
2. Langley, A., Google Security Team: Protecting data for the long term with forward secrecy, http://googleonlinesecurity.blogspot.co.uk/2011/11/protecting- data-for-long-term-with.html
3. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139-155. Springer, Heidelberg (2000)
4. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232-249. Springer, Heidelberg (1994)
5. Bellare, M., Rogaway, P.: The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409-426. Springer, Heidelberg (2006)
6. Blake-Wilson, S., Johnson, D., Menezes, A.: Key Agreement Protocols and their Security Analysis. In: Darnell, M. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30-45. Springer, Heidelberg (1997)
7. Bleichenbacher, D.: Chosen Ciphertext Attacks against Protocols Based on the RSA Encryption Standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1-12. Springer, Heidelberg (1998)
8. Brzuska, C., Fischlin, M., Smart, N.P., Warinschi, B., Williams, S.: Less is more: Relaxed yet composable security notions for key exchange. Cryptology ePrint Archive, Report 2012/242 (2012), http://eprint.iacr.org/
9. Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science, pp. 136-145. IEEE Computer Society Press (October 2001)
10. Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453-474. Springer, Heidelberg (2001)
11. Canetti, R., Krawczyk, H.: Security Analysis of IKE's Signature-Based Key-Exchange Protocol. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 143-161. Springer, Heidelberg (2002), http://eprint.iacr.org/2002/120/
12. Choo, K.-K.R., Boyd, C., Hitchcock, Y.: Examining Indistinguishability- Based Proof Models for Key Establishment Protocols. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 585-604. Springer, Heidelberg (2005)
13. Cremers, C.J.F.: Session-state Reveal Is Stronger Than Ephemeral Key Reveal: Attacking the NAXOS Authenticated Key Exchange Protocol. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 20-33. Springer, Heidelberg (2009)
14. Dierks, T., Allen, C.: The TLS Protocol Version 1.0. RFC 2246 (Proposed Standard) (January 1999); Obsoleted by RFC 4346, updated by RFCs 3546, 5746
15. Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.1. RFC 4346 (Proposed Standard) (April 2006); Obsoleted by RFC 5246, updated by RFCs 4366, 4680, 4681, 5746
16. Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard) (August 2008); Updated by RFCs 5746, 5878
17. Gajek, S., Manulis, M., Pereira, O., Sadeghi, A.-R., Schwenk, J.: Universally Composable Security Analysis of TLS. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 313-327. Springer, Heidelberg (2008)
18. Jager, T., Kohlar, F., Schäge, S., Schwenk, J.: On the security of TLS-DHE in the Standard Model (full version). Cryptology ePrint Archive, Report 2011/219 (2011) (revised 2012), http://eprint.iacr.org/2011/219
19. LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger Security of Authenticated Key Exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1-16. Springer, Heidelberg (2007)
20. Morrissey, P., Smart, N.P., Warinschi, B.: A Modular Security Analysis of the TLS Handshake Protocol. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 55-73. Springer, Heidelberg (2008)
21. Morrissey, P., Smart, N.P.,Warinschi, B.: The TLS Handshake protocol: A modular analysis. Journal of Cryptology 23(2), 187-223 (2010)
22. Paterson, K.G., Ristenpart, T., Shrimpton, T.: Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 372-389. Springer, Heidelberg (2011)
23. Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archive, Report 2004/332 (November 2004)
24. Wagner, D., Schneier, B.: Analysis of the SSL 3.0 protocol. In: Proceedings of the Second USENIX Workshop on Electronic Commerce, pp. 29-40. USENIX Association (1996)