
An algebraic approach to the verification of a class of Diffie-Hellman protocols

  • Special Issue Paper
  • International Journal of Information Security

Abstract

We present a framework for reasoning about secrecy in a class of Diffie-Hellman protocols. The technique, which shares a conceptual origin with the idea of a rank function, uses the notion of a message-template to determine whether a given value is generable by an intruder in a protocol model. Traditionally, the rich algebraic structure of Diffie-Hellman messages has made it difficult to reason about such protocols using formal, rather than complexity-theoretic, techniques. We describe the approach in the context of the MTI protocols, and derive conditions under which each protocol in the suite can be considered secure.
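The MTI protocols that the abstract refers to are a family of two-pass Diffie-Hellman key agreements. As an added illustration, not code from the paper, the following Python runs the MTI/A0 variant in a constructed toy group (p = 23, g = 5, chosen only so that the arithmetic can be followed by hand) and checks that both parties derive the same session key g^(ay + bx). The function and variable names are this example's own.

```python
"""MTI/A0 key agreement worked through in group arithmetic.

Added example (not code from the paper). The group parameters are a
constructed toy group, chosen only so the arithmetic can be followed by hand.
"""
import secrets

# Constructed toy parameters: p = 23 and g = 5, a generator of the whole
# multiplicative group, which has order q = 22. Real deployments use large
# prime-order subgroups; these values are for illustration only.
TOY_P, TOY_G, TOY_Q = 23, 5, 22


def mti_a0_shared_key(p, a, peer_pub, x, peer_eph):
    """Derive the MTI/A0 session key from one party's viewpoint.

    a        : this party's long-term private exponent
    peer_pub : the peer's long-term public value g^b
    x        : this party's ephemeral private exponent
    peer_eph : the peer's ephemeral protocol message g^y
    Returns (g^y)^a * (g^b)^x = g^(ay + bx) mod p.
    """
    return (pow(peer_eph, a, p) * pow(peer_pub, x, p)) % p


def run_mti_a0(p, g, a, b, x, y):
    """Run one MTI/A0 exchange with fixed exponents; return both keys and the transcript."""
    pub_a, pub_b = pow(g, a, p), pow(g, b, p)   # long-term public keys, published beforehand
    eph_a, eph_b = pow(g, x, p), pow(g, y, p)   # the two protocol messages, visible on the wire
    key_a = mti_a0_shared_key(p, a, pub_b, x, eph_b)   # A: (g^y)^a * (g^b)^x
    key_b = mti_a0_shared_key(p, b, pub_a, y, eph_a)   # B: (g^x)^b * (g^a)^y
    transcript = {"pub_a": pub_a, "pub_b": pub_b, "msg_a": eph_a, "msg_b": eph_b}
    return key_a, key_b, transcript


def exponent_of_key(q, a, b, x, y):
    """The exponent both parties end up with, reduced modulo the group order q."""
    return (a * y + b * x) % q


def random_exponent(q):
    """A fresh private exponent in [1, q-1] for a live run."""
    return 1 + secrets.randbelow(q - 1)


if __name__ == "__main__":
    a, b = random_exponent(TOY_Q), random_exponent(TOY_Q)
    x, y = random_exponent(TOY_Q), random_exponent(TOY_Q)
    key_a, key_b, transcript = run_mti_a0(TOY_P, TOY_G, a, b, x, y)
    print("values visible on the wire:", transcript)
    print("A's key:", key_a, " B's key:", key_b)
    # Both keys equal g^(ay + bx): the exponent mixes long-term and ephemeral secrets.
    assert key_a == key_b == pow(TOY_G, exponent_of_key(TOY_Q, a, b, x, y), TOY_P)
```

The point of the arithmetic for the verification problem is visible in `exponent_of_key`: the session key is g raised to a sum of products of long-term and ephemeral exponents, and an eavesdropper's view consists of g^a, g^b, g^x and g^y. Whether such a value is derivable from that view is a question about the exponent algebra (products and sums in the exponent, not just free terms), which is why a plain free-term intruder model is not enough and an algebraic notion such as the abstract's message-templates is needed.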



Correspondence to Steve Schneider.


Cite this article

Delicata, R., Schneider, S. An algebraic approach to the verification of a class of Diffie-Hellman protocols. Int. J. Inf. Secur. 6, 183–196 (2007). https://doi.org/10.1007/s10207-007-0013-2
