20/02/2009, 16:15 — 17:15 — Room P3.10, Mathematics Building
Manuel Bernardo Barbosa, Universidade do Minho
Security Analysis of Standard Authentication and Key Agreement
Protocols Utilising Timestamps
We propose a generic modelling technique that can be used to extend
existing frameworks for the theoretical security analysis of
cryptographic protocols in order to formally capture the use of
timestamps. For concreteness, we apply this technique to two of the
most popular models adopted in literature: the family of models
stemming from the work of Bellare and Rogaway (BR) and the model
proposed by Canetti and Krawczyk (CK). We analyse previous results
obtained using these models in light of the proposed extensions,
and demonstrate their application to a new class of protocols. In
the timed CK model we concentrate on modular design and analysis of
protocols. We show that the original authenticated and
unauthenticated models are not made redundant by their timed
variants: one can still use them to analyse time-independent
protocols, and the results naturally carry over to the timed
models. Moreover, we propose a more efficient timed authenticator
relying on timestamps. The structure of this new authenticator and
the security proof we provide imply that a signature-based
unilateral authentication mechanism standardised in ISO-9798 is
secure for message authentication. Finally, we use our timed
extension to the BR model to establish the security of an efficient
ISO protocol for key transport and unilateral entity
authentication, for which no proof of security was previously
available.
This seminar will be held in the Alameda campus!
