Applying NCP Logic to the Analysis of SSL 3.0

Song, Zhimin; Qing, Sihan

doi:10.1007/3-540-45600-7_18

Zhimin Song⁷ &
Sihan Qing⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2229))

Included in the following conference series:

International Conference on Information and Communications Security

584 Accesses
3 Citations

Abstract

In this paper we use extended NCP logic to formally analyze SSL 3.0, and show two important weak points of the protocol, which are the server’s not assured of the freshness and the origin of the pre-master secret when RSA is used for key exchange. We only give specification and analysis of one authentication mode of SSL 3.0 in detail, but all authentication modes have the two weak points. Especially, the flaw of the freshness of the pre-master secret may result in reuse of the pre-master secret, and we properly remedy it by introducing a nonce.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

A. Frier, P. Karlton, P. Kocher: The SSL Protocol Version 3.0. Netscape Communications Corp. March 1996. Internet Draft, work in progress.
Google Scholar
T. Dierks, C. Allen. RFC2246: The TLS Protocol Version 1.0. January 1999.
Google Scholar
Aviel David Rubin: Nonmonotonic Cryptographic Protocols. PhD thesis, University of Michigan, Ann Arbor. 1994.
Google Scholar
Sven Dietrich: A Formal Analysis of the Secure Sockets Layer Protocol. PhD thesis, Adelphi University. 1997.
Google Scholar
Daniel Bleichenbacher: Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS#1. Advances in Cryptology-Crypto’98, LNCS vol. 1462, pages 1–12, Springer-Verlag, 1998.
Chapter Google Scholar
Roger M. Needham, M. D. Schroeder: Using Encryption for Authentication in Large Networks. Communication of the ACM, 21(12):993–999, December 1978.
Article MATH Google Scholar
Dorothy E. Denning, Giovanni Maria Sacco: Timestamps in Key Distribution Protocols. Communication of the ACM, 24(8):533–536, August 1981.
Article MathSciNet Google Scholar

Download references

Author information

Authors and Affiliations

Engineering Research Center for Information Security Technology, Chinese Academy of Science, P.O. Box 8718, 100080, Beijing, China
Zhimin Song & Sihan Qing

Authors

Zhimin Song
View author publications
You can also search for this author in PubMed Google Scholar
Sihan Qing
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Engineering Research Center for Information Security Technology (ERCIST), Chinese Academy of Sciences, P.O. Box 8718, 100080, Beijing, China
Sihan Qing
NTT Labs, 1-1 Hikarinooka, 239-0847, Yokosuka-shi, Japan
Tatsuaki Okamoto
Oracle Corporation, 500 Oracle Parkway, 94065, Redwood Shores, CA, USA
Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Song, Z., Qing, S. (2001). Applying NCP Logic to the Analysis of SSL 3.0. In: Qing, S., Okamoto, T., Zhou, J. (eds) Information and Communications Security. ICICS 2001. Lecture Notes in Computer Science, vol 2229. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45600-7_18

Download citation

DOI: https://doi.org/10.1007/3-540-45600-7_18
Published: 24 October 2001
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42880-0
Online ISBN: 978-3-540-45600-1
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics