A Computational Analysis of the Needham-Schröeder-(Lowe) Protocol

CC
CSFW
2003
16th IEEE Computer Security Foundations Workshop (CSFW'03)
Abstract - A Computational Analysis of the Needham-Schröeder-(Lowe) Protocol

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Bogdan Warinschi

16th IEEE Computer Security Foundations Workshop (CSFW'03)

Pacific Grove, California

June 30-July 02

ISBN: 0-7695-1927-X

	ASCII Text	x
	Bogdan Warinschi, "A Computational Analysis of the Needham-Schröeder-(Lowe) Protocol," Computer Security Foundations Workshop, IEEE, pp. 248, 16th IEEE Computer Security Foundations Workshop (CSFW'03), 2003.

	BibTex	x
	@article{ 10.1109/CSFW.2003.1212717, author = {Bogdan Warinschi}, title = {A Computational Analysis of the Needham-Schröeder-(Lowe) Protocol}, journal ={Computer Security Foundations Workshop, IEEE}, volume = {0}, year = {2003}, issn = {1063-6900}, pages = {248}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSFW.2003.1212717}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Workshop, IEEE TI - A Computational Analysis of the Needham-Schröeder-(Lowe) Protocol SN - 1063-6900 SP EP A1 - Bogdan Warinschi, PY - 2003 KW - null VL - 0 JA - Computer Security Foundations Workshop, IEEE ER -

Bogdan Warinschi, University of California at San Diego

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSFW.2003.1212717

We provide the first computational analysis of the well known Needham-Schröeder(-Lowe) protocol. We show that Lowe?s attack to the original protocol can naturally be cast to the computational framework. Then we prove that chosen-plaintext security for encryption schemes is not sufficient to ensure soundness of formal proofs with respect to the computational setting, by exhibiting an attack against the corrected version of the protocol implemented using an ElGamal encryption scheme. Our main result is a proof that, when implemented using an encryption scheme that satisfies indistinguishability under chosen-ciphertext attack, the Needham-Schr?oeder-Lowe protocol is indeed a secure mutual authentication protocol. The technicalities of our proof reveal new insights regarding the relation between formal and computational models for system security.

Citation:

Bogdan Warinschi, "A Computational Analysis of the Needham-Schröeder-(Lowe) Protocol," csfw, pp.248, 16th IEEE Computer Security Foundations Workshop (CSFW'03), 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.