Security Protocols I - Information Security

More documents

Recommendations

Info

Sebastian Mödersheim 7Building a key establishment protocol (1)• An attempt to design a good protocol (from first principles).• First step: establish the communications architecture.We choose here one common scenario (among many):◮ A set of users, any 2 of whom may wish to establish a newsession key for subsequent secure communications.N.B.: successful completion of key establishment (& entity authentication)is only the beginning of a secure communications session. Furthercommunication (often also through protocols) may be based on this key.N.B. 2: Users are not necessarily honest! (More later)◮ There is an honest server.N.B.: Often called “trusted server”, but trust ≠ honesty! We assumethat an honest server never cheats and never gives out user secrets.FMSEC Module 2, v.2 28.09.2009
Sebastian Mödersheim 8Building a key establishment protocol (2)• We thus consider in this scenario protocol with 3 roles:initiator role A (Alice), responder role B (Bob), server role S• In a concrete execution of a protocol, the roles are played by agents a.k.a.principals: a, b, c (charly), s, i (intruder), . . .• We use i as the name of the intruder.No agent in our model knows that i is not honest.• Aims of the protocol:◮ At the end of the protocol, K AB should be known to A and B, and possiblyS (who forgets it immediately), but to no other parties.◮ A and B can assume that K AB is newly generated.• Formalization questions (that we will consider later):◮ How do we formalize the protocol steps and goals?◮ How do we formalize “knowledge”, “secrecy”, “newly”, ...?FMSEC Module 2, v.2 28.09.2009
Page 1 and 2: Security Protocols IIntroductionSeb
Page 3 and 4: Sebastian Mödersheim 2Good Crypto
Page 5 and 6: Sebastian Mödersheim 4Motivation
Page 7: Sebastian Mödersheim 6Road map•
Page 11 and 12: Sebastian Mödersheim 1. A, B10Buil
Page 13 and 14: Sebastian Mödersheim 1. A, B12Buil
Page 15 and 16: Sebastian Mödersheim 14Building a
Page 19: Sebastian Mödersheim 18Building a
Page 24 and 25: iSebastian Mödersheim 23Building a
Page 32 and 33: Sebastian Mödersheim 31ExerciseCan
Page 34 and 35: Sebastian Mödersheim 33Summary: Co
Page 36 and 37: Sebastian Mödersheim 35Summary: Pr
Page 38 and 39: Sebastian Mödersheim 37An authenti
Page 40 and 41: Sebastian Mödersheim 39Informal Co
Page 42 and 43: Sebastian Mödersheim 41Man-in-the-
Page 44 and 45: Sebastian Mödersheim 43Assumptions
Page 46 and 47: Sebastian Mödersheim 45Examples of
Page 48 and 49: Sebastian Mödersheim 47Type flaw a
Page 50 and 51: Sebastian Mödersheim 49Type flaw a
Page 52 and 53: Sebastian Mödersheim 51Example of
Page 54 and 55: Sebastian Mödersheim 53Example of
Page 56 and 57: Sebastian Mödersheim 55. . . and s
Page 58 and 59:
Sebastian Mödersheim 57Prudent eng
Page 60:
Sebastian Mödersheim 59Bibliograph
show all

Security Protocols I - Information Security

Create successful ePaper yourself

Delete template?

Save as template?