Computationally Analyzing the ISO 9798–2.4 Authentication Protocol

  • Britta Hale
  • Colin Boyd
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8893)

Abstract

We provide a computational analysis of the ISO 9798–2.4 mutual authentication standard protocol in the model of Bellare and Rogaway. In contrast to typical analyses of standardized protocols, we include the optional data fields specified in the standard by applying the framework of Rogaway and Stegers. To our knowledge this is the first application of the Rogaway–Stegers technique in a standardized protocol. As well as a precise definition of the computational security properties achieved by the protocol, our analysis supplies concrete security requirements for the cryptographic primitive applied, which are absent from the protocol standard. We show that a message authentication code can be used to replace the encryption primitive if desired and that if authenticated encryption is applied it must be strongly unforgeable.

Keywords

ISO 9798 Bellare–Rogaway model real-world protocol analysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abdalla, M., Bellare, M., Rogaway, P.: The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 143–158. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Basin, D., Cremers, C.J.F., Meier, S.: Provably repairing the ISO/IEC 9798 standard for entity authentication. Journal of Computer Security 21(6), 817–846 (2013)Google Scholar
  3. 3.
    Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  5. 5.
    Blake-Wilson, S., Johnson, D., Menezes, A.: Key agreement protocols and their security analysis. In: Darnell, M.J. (ed.) Cryptography and Coding 1997. LNCS, vol. 1355, pp. 30–45. Springer, Heidelberg (1997)Google Scholar
  6. 6.
    ISO. Information technology – security techniques – entity authentication – part 2: Mechanisms using symmetric encipherment algorithms. ISO ISO/IEC 9798-2:2008, International Organization for Standardization, Geneva, Switzerland (2008)Google Scholar
  7. 7.
    ISO. Information technology – security techniques – entity authentication – part 2: Mechanisms using symmetric encipherment algorithms. ISO ISO/IEC 9798-2:2008/Cor 1:2010, International Organization for Standardization, Geneva, Switzerland, Technical Corrigendum 1 (2010)Google Scholar
  8. 8.
    Jutla, C.S.: Encryption Modes with Almost Free Message Integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 529–544. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger Security of Authenticated Key Exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Canetti, R., Krawczyk, H.: Analysis of key-Exchange protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Rogaway, P.: Authenticated-Encryption with Associated-Data. In: Ninth ACM Conference on Computer and Communications Security (CCS-9). ACM Press (2002)Google Scholar
  12. 12.
    Rogaway, P., Bellare, M., Black, J.: OCB: A Block-Cipher Mode of Operation for Efficient Authenticated Encryption. In: Eighth ACM Conference on Computer and Communications Security (CCS–8), pp. 365–403. ACM Press (2003)Google Scholar
  13. 13.
    Rogaway, P., Stegers, T.: Authentication without Elision: Partially Specified Protocols, Associated Data, and Cryptographic Models Described by Code. In: Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium, pp. 26–39. IEEE Computer Society (2009)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Britta Hale
    • 1
  • Colin Boyd
    • 1
  1. 1.Norwegian University of Science and Technology (NTNU)TrondheimNorway

Personalised recommendations