Actor key compromise: Consequences and countermeasures

Proceedings of the Computer Security Foundations Workshop

Volumn 2014-January, Issue , 2014, Pages 244-258

  Basin, David ^a   Cremers, Cas ^b   Horvat, Marko ^b  

^a ETH ZURICH   (Switzerland)

^b UNIVERSITY OF OXFORD   (United Kingdom)

Author keywords

Adversary models; Key Compromise Impersonation; Security properties; Security protocols; SSH; TLS

Indexed keywords

NETWORK SECURITY; SECURITY SYSTEMS; SEEBECK EFFECT; THALLIUM;

ADVERSARY MODELS; CASE-STUDIES; KEY COMPROMISE; KEY-COMPROMISE IMPERSONATION; SECURITY PROPERTIES; SECURITY PROTOCOLS; SYMBOLIC MODEL; TLS PROTOCOLS;

INTERNET PROTOCOLS;

EID: 84939606625     PISSN: 10636900     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2014.25     Document Type: Conference Paper

References (31)

1. K. Poulsen, "Edward Snowdens E-mail provider defied FBI demands to turn over crypto keys, documents show," http://www. wired. com/ threatlevel/2013/10/lavabit unsealed/ (Retrieved 11 October 2013)
2. OpenSSL Security Advisory [07 Apr 2014], "TLS heartbeat read overrun (CVE-2014-0160)," https://www. openssl. org/news/secadv 20140407. txt
3. G. Lowe, "Breaking and fixing the Needham-Schroeder public-key protocol using FDR," in TACAS'96, ser. LNCS. Springer, 1996, vol. 1055, pp. 147-166
4. S. Blake-Wilson, D. Johnson, and A. Menezes, "Key agreement protocols and their security analysis," in IMA Int. Conf., 1997, pp. 30-45
5. M. Just and S. Vaudenay, "Authenticated multi-party key agreement," in ASIACRYPT, 1996, pp. 36-49
6. D. Basin and C. Cremers, "Modeling and analyzing security in the presence of compromising adversaries," in ESORICS, 2010, pp. 340-356
7. C. Cremers and S. Mauw, Operational Semantics and Verification of Security Protocols, ser. Information Security and Cryptography. Springer, 2012
8. G. Lowe, "A hierarchy of authentication specifications. " IEEE Computer Society Press, 1997, pp. 31-43
9. C. Boyd and A. Mathuria, "Protocols for authentication and key establishment. " Springer, 2003
10. C. Cremers, "The Scyther Tool: Verification, falsification, and analysis of security protocols," in Proc. CAV, ser. LNCS, vol. 5123. Springer, 2008, pp. 414-418
11. "AKC protocol models," http://www. cs. ox. Ac. uk/people/cas. cremers/ scyther/AKC/
12. "Security Protocols Open Repository," http://www. lsv. ens-cachan. fr/ Software/spore/index. html
13. T. Ylonen, "The Secure Shell (SSH) Transport Layer Protocol," IETF RFC 4253, January 2006
14. T. Dierks and E. Rescorla, "The Transport Layer Security (TLS) protocol version 1. 2," IETF RFC 5246, August 2008
15. T. Weigold and A. Hiltgen, "Secure confirmation of sensitive transaction data in modern Internet banking services," in WorldCIS 2011, 2011, pp. 125-132
16. S. Meier, B. Schmidt, C. Cremers, and D. Basin, "The TAMARIN Prover for the Symbolic Analysis of Security Protocols," in Computer Aided Verification (CAV 2013), ser. LNCS, vol. 8044. Springer, 2013, pp. 696-701
17. "Apache Module mod auth basic," http://httpd. Apache. org/docs/2. 2/mod/ mod auth basic. html (Retrieved 1 February 2014)
18. "RFC 6749: The OAuth 2. 0 Authorization Framework," http://tools. ietf. org/html/rfc6749 (Retrieved 1 February 2014)
19. OASIS, "Security Assertion Markup Language (SAML) v2. 0," https: //www. oasis-open. org/standards#samlv2. 0 (Retrieved 1 February 2014)
20. G. Meng and Z. Futai, "Key-compromise impersonation attacks on some certificateless key agreement protocols and two improved protocols," in ETCS '09. First International Workshop on, vol. 2, 2009, pp. 62-66
21. K. Chalkias, F. Mpaldimtsi, D. Hristu-Varsakelis, and G. Stephanides, "On the key-compromise impersonation vulnerability of one-pass key establishment protocols," in SECRYPT, 2007, pp. 222-228
22. -, "Two types of key-compromise impersonation attacks against onepass key establishment protocols," in SECRYPT. Springer, 2008, pp. 227-238
23. Q. Tang and L. Chen, "Extended KCI attack against two-party key establishment protocols," Inf. Process. Lett., vol. 111, no. 15, pp. 744-747, 2011
24. M. Gorantla, C. Boyd, and J. G. Nieto, "Modeling key compromise impersonation attacks on group key exchange protocols," in Public Key Cryptography, 2009, pp. 105-123
25. K. Shim, "The risks of compromising secret information," in ICICS, 2002, pp. 122-133
26. R. Zhu, X. Tian, and D. Wong, "Enhancing CK-model for key compromise impersonation resilience and identity-based key exchange," Cryptology ePrint Archive, Report 2005/455, 2005, http://eprint. iacr. org/
27. B. LaMacchia, K. Lauter, and A. Mityagin, "Stronger security of authenticated key exchange," in ProvSec, 2007, pp. 1-16
28. M. Strangio, "On the resilience of key agreement protocols to key compromise impersonation," in EuroPKI, 2006, pp. 233-247
29. T. Jager, F. Kohlar, S. Schäge, and J. Schwenk, "On the security of TLS-DHE in the standard model," in Advances in Cryptology CRYPTO 2012, ser. LNCS. Springer, 2012, vol. 7417, pp. 273-293
30. H. Krawczyk, K. Paterson, and H. Wee, "On the security of the TLS protocol: A systematic analysis," in Advances in Cryptology CRYPTO 2013, ser. LNCS. Springer, 2013, vol. 8042, pp. 429-448
31. L. C. Paulson, "Inductive analysis of the Internet Protocol TLS," ACM Trans. Inf. Syst. Secur., vol. 2, no. 3, pp. 332-351, Aug. 1999.