Skip to main content
SpringerLink
Log in
Book cover

International Conference on Cryptology in Africa

AFRICACRYPT 2009: Progress in Cryptology – AFRICACRYPT 2009 pp 235–253Cite as

Security Analysis of Standard Authentication and Key Agreement Protocols Utilising Timestamps

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5580))

Abstract

We propose a generic modelling technique that can be used to extend existing frameworks for theoretical security analysis in order to capture the use of timestamps. We apply this technique to two of the most popular models adopted in literature (Bellare-Rogaway and Canetti-Krawczyk). We analyse previous results obtained using these models in light of the proposed extensions, and demonstrate their application to a new class of protocols. In the timed CK model we concentrate on modular design and analysis of protocols, and propose a more efficient timed authenticator relying on timestamps. The structure of this new authenticator implies that an authentication mechanism standardised in ISO-9798 is secure. Finally, we use our timed extension to the BR model to establish the security of an efficient ISO protocol for key transport and unilateral entity authentication.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Backes, M.: Unifying Simulatability Definitions in Cryptographic Systems under Different Timing Assumptions. In: Amadio, R., Lugiez, D. (eds.) CONCUR 2003. LNCS, vol. 2761, pp. 350–365. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  2. Bellare, M., Canetti, R., Krawczyk, H.: A Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols. In: The 30th Annual ACM Symposium on Theory of Computing, pp. 419–428. ACM Press, New York (1998)

    Google Scholar 

  3. Bellare, M., Namprempre, C.: Authenticated Encryption: Relations Among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  4. Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  5. Bellare, M., Rogaway, P.: Provably Secure Session Key Distribution: The Three Party Case. In: Proceedings of the 27th Annual Symposium on the Theory of Computing, pp. 57–66. ACM Press, New York (1995)

    Google Scholar 

  6. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure Against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  7. Blanchet, B., Jaggard, A.D., Scedrov, A., Tsay, J.-K.: Computationally Sound Mechanised Proofs for Basic and Public-Key Kerberos. In: 2008 ACM Symposium on Information, Computer and Communications Security, pp. 87–99. ACM Press, New York (2008)

    Google Scholar 

  8. Blanchet, B., Pointcheval, D.: Automated Security Proofs with Sequences of Games. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 537–554. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  9. Boldyreva, A., Kumar, V.: Provable-Security Analysis of Authenticated Encryption in Kerberos. In: 2007 IEEE Symposium on Security and Privacy, pp. 92–100. IEEE Computer Society, Los Alamitos (2007)

    Chapter  Google Scholar 

  10. Canetti, R.: Universally Composable Security: A New Paradigm for Cryptographic Protocols. In: 42nd IEEE Symposium on Foundations of Computer Science, pp. 136–145. IEEE Computer Society Press, Los Alamitos (2001)

    Google Scholar 

  11. Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Canetti, R., Krawczyk, H.: Universally Composable Notions of Key-Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  13. Denning, D.E., Sacco, G.M.: Timestamps in Key Distribution Protocols. Communications of the ACM 24(8), 533–536 (1981)

    Article  Google Scholar 

  14. Gong, L.: A Security Risk of Depending on Synchronized Clocks. ACM SIGOPS Operating Systems Review 26(1), 49–53 (1992)

    Article  MathSciNet  Google Scholar 

  15. ISO/IEC 11770-2: Information Technology – Security Techniques – Key Management – Part 2: Mechanisms Using Symmetric Techniques (2008)

    Google Scholar 

  16. ISO/IEC 9798-2: Information Technology – Security Techniques – Entity Authentication – Part 2: Mechanisms Using Symmetric Encipherment Algorithms (1999)

    Google Scholar 

  17. ISO/IEC 9798-3: Information Technology – Security Techniques – Entity Authentication – Part 3: Mechanisms Using Digital Signature Techniques (1998)

    Google Scholar 

  18. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (2001)

    MATH  Google Scholar 

  19. Newman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication Service, V5 (2005), http://www.ietf.org/rfc/rfc4120

Download references

Author information

Authors and Affiliations

  1. Departamento de Informática, Universidade do Minho, Campus de Gualtar, 4710-057, Braga, Portugal

    Manuel Barbosa & Pooya Farshim

Authors
  1. Manuel Barbosa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pooya Farshim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. Electrical Engineering-ESAT/COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, Bus 2446, 3001, Leuven, Belgium

    Bart Preneel

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Barbosa, M., Farshim, P. (2009). Security Analysis of Standard Authentication and Key Agreement Protocols Utilising Timestamps. In: Preneel, B. (eds) Progress in Cryptology – AFRICACRYPT 2009. AFRICACRYPT 2009. Lecture Notes in Computer Science, vol 5580. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02384-2_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-02384-2_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-02383-5

  • Online ISBN: 978-3-642-02384-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation