Abstract
Current mainstream work on security protocols usually focuses on achieving a single instance of some security property, even when the design composes smaller components. This paper instead advocates paying special attention to the internal components and the environment of security protocols in order to implement extra instances of the same security property. These multiple instances would maintain the security property even if one or more of them fail under attack by an adversary, giving the protocol's assurances a graceful degradation path instead of the usual catastrophic failure.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Granado, M.C. (2010). Resiliency Aspects of Security Protocols. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2007. Lecture Notes in Computer Science, vol 5964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17773-6_6
DOI: https://doi.org/10.1007/978-3-642-17773-6_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17772-9
Online ISBN: 978-3-642-17773-6