Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code

CC
CSF
2009
2009 22nd IEEE Computer Security Foundations Symposium
Abstract - Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Phillip Rogaway Articles by Till Stegers

2009 22nd IEEE Computer Security Foundations Symposium

Port Jefferson, New York

July 08-July 10

ISBN: 978-0-7695-3712-2

	ASCII Text	x
	Phillip Rogaway, Till Stegers, "Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code," Computer Security Foundations Symposium, IEEE, pp. 26-39, 2009 22nd IEEE Computer Security Foundations Symposium, 2009.

	BibTex	x
	@article{ 10.1109/CSF.2009.23, author = {Phillip Rogaway and Till Stegers}, title = {Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code}, journal ={Computer Security Foundations Symposium, IEEE}, volume = {0}, year = {2009}, issn = {1063-6900}, pages = {26-39}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSF.2009.23}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Symposium, IEEE TI - Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code SN - 1063-6900 SP26 EP39 A1 - Phillip Rogaway, A1 - Till Stegers, PY - 2009 KW - authentication KW - associated data KW - Needham-Schroeder-Lowe protocol KW - provable security KW - security models VL - 0 JA - Computer Security Foundations Symposium, IEEE ER -

Phillip Rogaway

Till Stegers

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSF.2009.23

Specification documents for real-world authentication protocols typically mandate some aspects of a protocol's behavior but leave other features optional or undefined. In addition, real-world schemes often include parameter negotiations, authenticate associated data, and support a multiplicity of options. The cryptographic community has routinely elided such matters from our definitions, schemes, and proofs. We propose encompassing them by explicitly modeling the presence of unspecified protocol functionality. To demonstrate, we provide a new treatment for mutual authentication in the public-key setting, doing this in the computational cryptographic tradition. In our model, compactly described in pseudocode, a protocol core (PC) will call out to protocol details (PD), but, for defining security, such calls will be serviced by the adversary. Parties accepting an authentication exchange will output a string of associated data, the value of which may be determined by the PD calls. We illustrate the approach by re-proving security for the Needham-Schroeder-Lowe public-key protocol, but extended in a manner that would be typical were the mechanism embedded in a real-world standard.

Index Terms:

authentication, associated data, Needham-Schroeder-Lowe protocol, provable security, security models

Citation:

Phillip Rogaway, Till Stegers, "Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code," csf, pp.26-39, 2009 22nd IEEE Computer Security Foundations Symposium, 2009

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.