Forbidden City Model – Towards a Practice Relevant Framework for Designing Cryptographic Protocols
Designing a cryptographic protocol for practical applications is a challenging task even for relatively simple scenarios. The usual approach is to design a protocol with some simple attack scenarios in mind. This produces clean designs, but many security problems might be ignored. Repeatedly, the development in this area has been a sequence of steps: many protocols have been proposed and subsequently broken by presenting realistic attack situations not covered by the original security model. The resulting situation is an abundance of models that are less and less intuitive, and hard to compare and to understand.
Our goal is to provide a simple and intuitive framework that would help us to capture the key properties of real-world architectures and attack scenarios. Motivated by smart card design, the main idea is to build the system architecture in a way that resembles the courts of the Emperor’s Palace in ancient China. There are many internal courts and strict rules on how to cross the boundaries between these separate areas. The crucial part of the model is specifying what the adversary can do in each part of the system.
Keywords: cryptographic device, security model, adversary, attack, PACE, active authentication