Forbidden City Model – Towards a Practice Relevant Framework for Designing Cryptographic Protocols

  • Mirosław Kutyłowski
  • Lucjan Hanzlik
  • Kamil Kluczniak
  • Przemysław Kubiak
  • Łukasz Krzywiecki
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8434)


Designing a cryptographic protocol for practical applications is a challenging task, even for relatively simple scenarios. The usual approach is to design a protocol with some simple attack scenarios in mind. This yields clean designs, but many security problems may be ignored. Repeatedly, development in this area has followed the same sequence of steps: protocols are proposed and subsequently broken by presenting realistic attack situations not covered by the original security model. The result is an abundance of models that are less and less intuitive, and hard to compare and to understand.

Our goal is to provide a simple and intuitive framework that helps capture the key properties of real-world architectures and attack scenarios. Motivated by smart card design, the main idea is to build the system architecture in a way that resembles the courts of the Emperor’s Palace in ancient China: there are many internal courts, and strict rules on how to cross the boundaries between these separate areas. The crucial part of the model is specifying what the adversary can do in each part of the system.


Keywords: cryptographic device, security model, adversary, attack, PACE, active authentication





Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Mirosław Kutyłowski (1)
  • Lucjan Hanzlik (1)
  • Kamil Kluczniak (1)
  • Przemysław Kubiak (1)
  • Łukasz Krzywiecki (1)
  1. Faculty of Fundamental Problems of Technology, Wrocław University of Technology, Poland
