channel security

Complete

Summary

Station-to-station (STS)

Client, Server: k_d; k_e
  • g; p are public primes
  • Greet: k_e
  • x = g^a mod p
  • y = g^b mod p; s = E(k_d; y)
  • choose: b
  • choose: a

PKC-based

Client, Server: k_d; k_e
  • Greet: k_e
  • c = E(k_e; k)
  • choose: k

Secure channel

  • encrypt-and-mac using session key
  • ensures confidentiality and integrity

Transport Layer Security (TLS)

  • successor to Secure Socket Layer (SSL)
  • foundation for Hypertext Transfer Protocol (Secured) (HTTPS)

Forward secrecy

  • past session keys remain safe even if long-term private key leaks later
  • older ciphertexts are protected even in the future

Concept

Challenge-response

Client: k', Server: k
  • Greet: "I am..."
  • Challenge: r
  • Response: t = h_k'(r)
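
The challenge-response exchange above as an added example (not part of the original notes). It assumes HMAC-SHA256 stands in for the keyed hash h, and the names `Server`, `respond` and `demo` are hypothetical; the demo key is constructed at run time.

```python
import hashlib
import hmac
import secrets


class Server:
    """Verifier holding the shared key k; issues single-use challenges r."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = set()  # challenges issued but not yet answered

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)  # fresh, unpredictable r per attempt
        self._pending.add(r)
        return r

    def verify(self, r: bytes, t: bytes) -> bool:
        # Each challenge is accepted at most once, so a recorded (r, t)
        # pair is useless if presented again later.
        if r not in self._pending:
            return False
        self._pending.discard(r)
        expected = hmac.new(self._key, r, hashlib.sha256).digest()
        return hmac.compare_digest(expected, t)  # constant-time comparison


def respond(client_key: bytes, r: bytes) -> bytes:
    """Client side: t = h_k'(r), with HMAC-SHA256 assumed as h."""
    return hmac.new(client_key, r, hashlib.sha256).digest()


def demo() -> dict:
    k = secrets.token_bytes(32)  # constructed shared key (k' == k)
    server = Server(k)
    r1 = server.challenge()
    t1 = respond(k, r1)
    results = {"honest": server.verify(r1, t1)}
    # Same (r, t) presented a second time: r1 is no longer pending.
    results["replay_same_r"] = server.verify(r1, t1)
    # Old response against a fresh challenge: the MAC does not match.
    results["old_t_new_r"] = server.verify(server.challenge(), t1)
    # A client holding a different key k' != k fails verification.
    r3 = server.challenge()
    results["wrong_key"] = server.verify(r3, respond(secrets.token_bytes(32), r3))
    return results


if __name__ == "__main__":
    print(demo())
```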

Unilateral authentication

  • authenticates the client, in this example
  • uses signature

Client: k_d; k_e, Server
  • Greet: "I am..." || k_e
  • Challenge: r
  • Response: s = E(k_d; r)

requires a homomorphic asymmetric encryption scheme such as RSA

Key exchange

  • establish a shared session key over an unsecured channel
  • session key can then be used for symmetric encryption
  • e.g. PKC-based, Diffie-Hellman key exchange

Client: k_d; k_e, Server
  • Public key: k_e
  • Session key: c = E(k_e; k)
  • choose session key: k

Man-in-the-middle

  • client is not necessarily authenticated during key exchange
  • Mallory can create a session key for each user, sniffing/spoofing the communication between them

Authenticated key exchange (AKE)

  • authentication + key exchange
  • prevents man-in-the-middle attack
  • e.g. PKC-based, STS