On session identifiers in provably secure protocols. (English) Zbl 1116.94317
Blundo, Carlo (ed.) et al., Security in communication networks. 4th international conference, SCN 2004, Amalfi, Italy, September 8–10, 2004. Revised selected papers. Berlin: Springer (ISBN 3-540-24301-1/pbk). Lecture Notes in Computer Science 3352, 351-366 (2005).
Summary: We examine the role of session identifiers (SIDs) in security proofs for key establishment protocols. After reviewing the practical importance of SIDs we use as a case study the three-party server-based key distribution (3PKD) protocol of Bellare and Rogaway, proven secure in 1995. We show incidentally that the partnership function used in the existing security proof is flawed. There seems to be no way to define a SID for the 3PKD protocol that will preserve the proof of security. A small change to the protocol allows a natural definition for a SID and we prove that the new protocol is secure using this SID to define partnering.
For the entire collection see [Zbl 1067.68002].
For the entire collection see [Zbl 1067.68002].
