Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IACR
2016
2016
Downgrade Resilience in Key-Exchange Protocols
Key-exchange protocols such as TLS, SSH, IPsec, and ZRTP are highly con
gurable, with typical deployments supporting multiple protocol versions, cryptographic algorithms and parameters. In the
rst messages of the protocol, the peers negotiate one speci
c combination: the protocol mode, based on their local con
gurations. With few notable exceptions, most cryptographic analyses of con
gurable protocols consider a single mode at a time. In contrast, downgrade attacks, where a network adversary forces peers to use a mode weaker than the one they would normally negotiate, are a recurrent problem in practice. How to support con
gurability while at the same time guaranteeing the preferred mode is negotiated? We set to answer this question by designing a formal framework to study downgrade resilience and its relation to other security properties of key-exchange protocols. First, we study the causes of downgrade attacks by dissecting and classifying known and novel attacks against widely use...
Real-time TrafficBiometrics | IACR 2016 |
Related Content
| Added | 03 Apr 2016 |
| Updated | 03 Apr 2016 |
| Type | Journal |
| Year | 2016 |
| Where | IACR |
| Authors | Karthikeyan Bhargavan, Christina Brzuska, Cédric Fournet, Matthew Green, Markulf Kohlweiss, Santiago Zanella Béguelin |
Comments (0)
Researcher Info
|
