Key Exchange with the Help of a Public Ledger

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10476))

Abstract

Blockchains and other public ledger structures promise a new way to create globally consistent event logs and other records. We make use of this consistency property to detect and prevent man-in-the-middle attacks in a key exchange such as Diffie-Hellman or ECDH. Essentially, the MitM attack creates an inconsistency in the world views of the two honest parties, and they can detect it with the help of the ledger. Thus, there is no need for prior knowledge or trusted third parties apart from the distributed ledger. To prevent impersonation attacks, we require user interaction. It appears that, in some applications, the required user interaction is reduced in comparison to other user-assisted key-exchange protocols.
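The abstract's core idea is that a man-in-the-middle leaves the two honest parties with different "world views" of the exchange (each sees a substituted public value), and a globally consistent ledger lets them compare those views. The following is an added illustration of that consistency check, not the paper's protocol or the authors' code. It assumes a toy Diffie-Hellman group (constructed, not a production group), a `Ledger` class that every participant reads identically, and that the ledger records which party published each entry; that publisher binding is exactly the part the abstract says requires user interaction to resist impersonation, and it is simply assumed here.

```python
"""Detecting a Diffie-Hellman man-in-the-middle via a shared append-only ledger.

Added illustration of the consistency idea in the abstract; it is NOT the
paper's protocol. Constructed assumptions:
  * a toy DH group (small prime, not a production group);
  * a Ledger that all parties observe identically and that records the
    publisher of each entry (identity binding assumed to be in place).
"""
import hashlib
import secrets

# Toy group parameters, constructed for illustration only.
P = (1 << 127) - 1   # Mersenne prime 2^127 - 1
G = 3


class Ledger:
    """Append-only log that every party sees in the same state."""

    def __init__(self):
        self._entries = []

    def publish(self, publisher, view_hash):
        self._entries.append((publisher, view_hash))

    def lookup(self, publisher):
        """All view hashes published under a given identity."""
        return [h for who, h in self._entries if who == publisher]


def view_hash(initiator_pub, responder_pub):
    """Commitment to one party's world view: the two public values it saw."""
    data = b"%d|%d" % (initiator_pub, responder_pub)
    return hashlib.sha256(data).hexdigest()


class Party:
    def __init__(self, name, ledger):
        self.name = name
        self.ledger = ledger
        self.secret = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.secret, P)
        self.view = None
        self.key = None

    def complete(self, initiator_pub, responder_pub, peer_pub):
        """Derive the key from what this party saw, then publish its view."""
        self.key = pow(peer_pub, self.secret, P)
        self.view = view_hash(initiator_pub, responder_pub)
        self.ledger.publish(self.name, self.view)

    def consistent_with(self, peer_name):
        """True iff the peer published exactly the view this party holds."""
        return self.view in self.ledger.lookup(peer_name)


def run_exchange(mitm):
    """Run one exchange; return (views_consistent, keys_equal)."""
    ledger = Ledger()
    alice = Party("alice", ledger)
    bob = Party("bob", ledger)
    if not mitm:
        # Honest channel: each side sees the other's real public value.
        alice.complete(alice.pub, bob.pub, bob.pub)
        bob.complete(alice.pub, bob.pub, alice.pub)
    else:
        # Attacker on the channel substitutes its own public value both ways,
        # so Alice's view is (A, M) while Bob's view is (M, B).
        mallory = Party("mallory", ledger)
        alice.complete(alice.pub, mallory.pub, mallory.pub)
        bob.complete(mallory.pub, bob.pub, mallory.pub)
    consistent = alice.consistent_with("bob") and bob.consistent_with("alice")
    return consistent, alice.key == bob.key


if __name__ == "__main__":
    print("honest run:", run_exchange(mitm=False))   # (True, True)
    print("mitm run:  ", run_exchange(mitm=True))    # (False, False)
```

In the honest run both parties publish the same view hash and derive the same key; with an attacker relaying substituted values, the two published views differ and each party's check fails, which is the inconsistency the abstract describes. Because the check relies on knowing which entry belongs to the peer, an attacker who could publish under the peer's name would defeat it, which is why the abstract separately requires user interaction against impersonation.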




Corresponding author

Correspondence to Thanh Bui.

Copyright information

© 2017 Springer International Publishing AG

Cite this paper

Bui, T., Aura, T. (2017). Key Exchange with the Help of a Public Ledger. In: Stajano, F., Anderson, J., Christianson, B., Matyáš, V. (eds) Security Protocols XXV. Security Protocols 2017. Lecture Notes in Computer Science(), vol 10476. Springer, Cham. https://doi.org/10.1007/978-3-319-71075-4_15

  • DOI: https://doi.org/10.1007/978-3-319-71075-4_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-71074-7

  • Online ISBN: 978-3-319-71075-4
