On Continuous After-the-Fact Leakage-Resilient Key Exchange

Toorani, Mohsen

doi:10.1145/2694805.2694811

Cited by 11 publications

(7 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Computing devices leak information not just through input-output interaction, but through physical characteristics of computation such as power consumption, timing, or electromagnetic radiation. Such information leakage can break many cryptosystems in common use, and are feasible when an adversary has access to the device, as it is often the case for devices such as smartcards, TPM chips, mobile phones and laptops [87]. Side-channel attacks can be divided into passive and active attacks.…”

Section: Attacks On Implementationsmentioning

confidence: 99%

Security Protocols in a Nutshell

Toorani¹

2016

Preprint

Self Cite

View full text Add to dashboard Cite

Security protocols are building blocks in secure communications. They deploy some security mechanisms to provide certain security services. Security protocols are considered abstract when analyzed, but they can have extra vulnerabilities when implemented. This manuscript provides a holistic study on security protocols. It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of protocols. Specifically, it clarifies differences between information-theoretic and computational security, and computational and symbolic models. Furthermore, a survey on computational security models for authenticated key exchange (AKE) and password-authenticated key exchange (PAKE) protocols, as the most important and well-studied type of security protocols, is provided.

show abstract

Section: Attacks On Implementationsmentioning

confidence: 99%

Security Protocols in a Nutshell

Toorani¹

2016

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Several security properties must be satisfied by AKE and PAKE protocols, and they should obviously withstand well-known attacks. Many protocols have been proposed in the literature, but some of them have been shown to have security problems [5][6][7]. It is desirable for AKE protocols to provide known-key security, forward secrecy, key control, and resilience to well-known attacks such as Key-Compromise Impersonation (KCI) and its variants, unknown key-share (UKS), replay, and Denning-Sacco attacks.…”

Section: Arxiv:150102601v1 [Cscr] 12 Jan 2015mentioning

confidence: 99%

On Vulnerabilities of the Security Association in the IEEE 802.15.6 Standard

Toorani

2015

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Wireless Body Area Networks (WBAN) support a variety of real-time health monitoring and consumer electronics applications.The latest international standard for WBAN is the IEEE 802.15.6. The security association in this standard includes four elliptic curve-based key agreement protocols that are used for generating a master key. In this paper, we challenge the security of the IEEE 802.15.6 standard by showing vulnerabilities of those four protocols to several attacks. We perform a security analysis on the protocols, and show that they all have security problems, and are vulnerable to different attacks.

show abstract

“…Thus, to further improve the practicability, a cryptography scheme must keep its original security in the continuous leakage setting. For the past few years, several constructions have captured continuous leakage resilience in their security consideration, such as the continuous leakage‐resilient public‐key encryption (CLR‐PKE) [14–16], the continuous leakage‐resilient authentication key exchange (CLR‐AKE) [17], the continuous leakage‐resilient (CLR) signature [18], the CLR certificate‐based encryption (CLR‐CBE) [10, 11, 19], the CLR certificateless public‐key encryption (CLR‐CL‐PKE) [20] and so on. In the identity‐based setting, CLR identity‐based encryption (CLR‐IBE) schemes with the semantic security were presented in [21–23].…”

Section: Introductionmentioning

confidence: 99%