2000, Workshop on Information Technologies and Systems
…
4 pages
1 file
This work critiques the common assumption of perfect encryption in security protocols, highlighting its impracticality through examples like cipher-block chaining (CBC). It examines the vulnerabilities in the Needham-Schroeder protocol, demonstrating how attackers can exploit encryption flaws. A new model is proposed that introduces small factors into the encryption process, mitigating the outlined attacks. The model is specified in Promela and tested against the Needham-Schroeder-Lowe protocol, successfully identifying potential attacks within seconds.
2008
This article discusses the paper “Protocol insecurity with a finite number of sessions and composed keys is NP-complete” [1]. Some understanding of the paper is recorded in this article. In particular, a non-trivial error in the NP proof of [1] is presented, and we provide a solution to fix this error. We suggest that the NP-completeness proof can be improved in several aspects.
Information Processing Letters, 1995
2019 IEEE Canadian Conference of Electrical and Computer Engineering (CCECE), 2019
In this paper, we show how practical the little theorem of witness functions is in detecting security flaws in some category of cryptographic protocols. We convey a formal analysis of the Needham-Schroeder symmetric-key protocol in the theory of witness functions. We show how it helps to teach about a security vulnerability in a given step of this protocol where the value of security of a particular sensitive ticket in a sent message unexpectedly plummets compared with its value when received. This vulnerability may be exploited by an intruder to mount a replay attack as described by Denning and Sacco.
Lecture Notes in Computer Science
We develop a simple model of computation under which to study the meaning of cryptographic protocol and security. We define a protocol as a mathematical object and security as a possible property of this object. Having formalized the concept of a secure protocol we study its general properties. We back up our contention that the model is reasonable by solving some well known cryptography problems within the framework of the model. 1. Introduction. It can be argued that cryptographers have been able to provide satisfactory solutions to only the simplest among the problems involving transactions between mutually suspicious parties. In this category lie problems like flipping coins [1], exchange of a single bit [2] (or a fraction of a bit [3]), demonstrating the truth of some boolean predicates on the secret keys [4], and the Oblivious Transfer [5] [6]. Harder problems (Research sponsored in part by GTE fellowship. Research sponsored by the Helen and George Panin Fellowship. Research sponsored in part by NSF grant MCS-82-UL1506 and by Universidad.
2007
In this chapter, we show how security protocols can be attacked by exploiting the underlying block cipher modes of operation. We first present a comprehensive treatment of the properties and weaknesses of standard modes of operation. We then show why all modes of operation should not be used with public-key ciphers in public-key security protocols. This includes the cipher block chaining (CBC) mode when there is no integrity protection of the initialisation vector (IV).
ACM SIGOPS Operating Systems Review, 1994
2004
Recently, Sun, Chen and Hwang [J. Syst. Software, 75 (2005), 63-68] have proposed two new three-party protocols, one for password-based authenticated key agreement and one for verifier-based authenticated key agreement. In this paper, we show that both of Sun-Chen-Hwang's protocols are insecure against an active adversary who can intercept messages, start multiple sessions of a protocol, or otherwise control the communication in the network. Also, we present a simple solution to the security problem with the protocols.
Electronic Notes in Theoretical Computer Science, 2005
Computer Communications, 2009
Information Theory, IEEE Transactions on, 1983
Journal of Information Security and Cryptography (Enigma), 2018
IACR Cryptol. ePrint Arch., 2018
Computers & Security, 2008
arXiv (Cornell University), 2019
Proceedings of the fourteenth annual ACM symposium on Theory of computing - STOC '82, 1982
ACM SIGOPS Operating Systems Review, 1993
Advances in Cryptology — CRYPTO ’91, 1992