Actor Key Compromise: Consequences and Countermeasures

被引:6
作者
Basin, David [1 ]
Cremers, Cas [2 ]
Horvat, Marko [2 ]
机构
[1] Swiss Fed Inst Technol, Dept Comp Sci, Inst Informat Secur, Zurich, Switzerland
[2] Univ Oxford, Dept Comp Sci, Oxford, England
来源
2014 IEEE 27TH COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF) | 2014年
关键词
Security protocols; security properties; Key Compromise Impersonation; adversary models; TLS; SSH; SECURITY;
D O I
10.1109/CSF.2014.25
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Despite Alice's best efforts, her long-term secret keys may be revealed to an adversary. Possible reasons include weakly generated keys, compromised key storage, subpoena, and coercion. However, Alice may still be able to communicate securely with other parties, depending on the protocol used. We call the associated property resilience against Actor Key Compromise (AKC). We formalise this property in a symbolic model and identify conditions under which it can and cannot be achieved. In case studies that include TLS and SSH, we find that many protocols are not resilient against AKC. We implement a concrete AKC attack on the mutually authenticated TLS protocol.
引用
收藏
页码:244 / 258
页数:15
相关论文
共 25 条
  • [1] [Anonymous], 2008, TRANSPORT LAYER SECU
  • [2] Basin D, 2010, LECT NOTES COMPUT SC, V6345, P340, DOI 10.1007/978-3-642-15497-3_21
  • [3] Blake-Wilson S, 1997, LECT NOTES COMPUT SC, V1355, P30, DOI 10.1007/BFb0024447
  • [4] Boyd Colin., 2003, INF SECUR CRYTOGR
  • [5] Chalkias K, 2007, SECRYPT 2007: PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, P222
  • [6] Chalkias K, 2008, COMM COM INF SC, V23, P227
  • [7] Cremers C, 2012, INFORM SECURITY CRYP
  • [8] Cremers CJF, 2008, LECT NOTES COMPUT SC, V5123, P414
  • [9] Key-compromise Impersonation Attacks on Some Certificateless Key Agreement Protocols and Two Improved Protocols
    Gao Meng
    Zhang Futai
    [J]. PROCEEDINGS OF THE FIRST INTERNATIONAL WORKSHOP ON EDUCATION TECHNOLOGY AND COMPUTER SCIENCE, VOL II, 2009, : 62 - 66
  • [10] Gorantla MC, 2009, LECT NOTES COMPUT SC, V5443, P105
123