Utilizing Simulation-Based Security for the Modular Cryptographic Analysis of Real-World Key Exchange and Secure Channel Protocols

利用基于模拟的安全性对现实世界密钥交换和安全通道协议进行模块化密码分析

• 批准号: 250008536
• 负责人: Professor Dr. Ralf Küsters
• 金额: --
• 依托单位: Institut für Informationssicherheit
• 依托单位国家: 德国
• 项目类别: Research Grants
• 财政年份: 2013
• 资助国家: 德国
• 起止时间: 2012-12-31 至 2019-12-31
• 项目状态: 已结题
• 来源: https://gepris.dfg.de/gepris/projekt/250008536?language=en
• 关键词: Utilizing; Simulation; Based; Security; Modular

We depend on protocols for securely exchanging keys betweencommunication partners and establishing securecommunication channels, such as SSL/TLS, SSH, IPsec, IEEE802.11i, and many others, in our everyday life. As haslong been realized and as illustrated by numerous attacks,rigorous and comprehensive cryptographic analysis of such(real-world) protocols is indispensable. However, such ananalysis still poses a big challenge, with the complexityof the analysis being the main obstacle. To tame thiscomplexity and to make the analysis more manageable a highdegree of modularity of the analysis isimperative. The main goal of this project is therefore todevelop methods and techniques in order to push modularanalysis as much as possible. A particularly promisingapproach in this respect is the so-called simulation-basedapproach. While composability and modularity are thedriving forces of this approach, its high potential for therigorous and comprehensive modular analysis of real-worldkey exchange and secure channel protocols is largelyunexplored. In this project, we shall extend and refine thesimulation-based approach in order to provide acomprehensive framework for the modular, yet faithfulanalysis of real-world key exchange and secure channelprotocols. The developed framework shall be applied toselected real-world key exchange and secure channelprotocols in order to illustrate and evaluate the developedmethods and techniques.

在我们的日常生活中，我们依赖于协议在通信伙伴之间安全地交换密钥并建立安全的通信通道，例如SSL/TLS、SSH、SSL、IEEE802.11i和许多其他协议。 正如人们长期以来所认识到的那样，正如许多攻击所说明的那样，对这种（现实世界）协议进行严格而全面的密码分析是必不可少的。然而，这种分析仍然构成了一个很大的挑战，分析的复杂性是主要障碍。为了驯服这种复杂性，使分析更易于管理，分析的高度模块化是必要的。因此，这个项目的主要目标是开发方法和技术，以尽可能地推动模块化分析。在这方面，一个特别有前途的方法是所谓的基于模拟的方法。 虽然可组合性和模块化是这种方法的驱动力，但其对现实世界密钥交换和安全通道协议的严格和全面的模块化分析的高潜力还没有得到很大的开发。在这个项目中，我们将扩展和完善基于模拟的方法，以提供一个完整的框架，模块化的，但忠实的分析现实世界的密钥交换和安全通道协议。所开发的框架应适用于选定的现实世界的密钥交换和安全通道协议，以说明和评估所开发的方法和技术。

项目成果

iUC: Flexible Universal Composability Made Simple

• DOI: 10.1007/978-3-030-34618-8_7
• 发表时间: 2019-12
• 作者: J. Camenisch;S. Krenn;Ralf Küsters;Daniel Rausch

Joint State Composition Theorems for Public-Key Encryption and Digital Signature Functionalities with Local Computation

具有本地计算的公钥加密和数字签名功能的联合状态组合定理

• DOI: 10.1007/s00145-020-09353-0
• 发表时间: 2020
• 期刊: Journal of Cryptology
• 影响因子: 3
• 作者: Küsters;Tuengerthal;Rausch;Daniel
• 通讯作者: Daniel

A Framework for Universally Composable Diffie-Hellman Key Exchange

• DOI: 10.1109/sp.2017.63
• 发表时间: 2017-05
• 期刊: 2017 IEEE Symposium on Security and Privacy (SP)
• 作者: Ralf Küsters;Daniel Rausch

Universal Composition with Responsive Environments

• DOI: 10.1007/978-3-662-53890-6_27
• 发表时间: 2016-12
• 作者: J. Camenisch;Robert R. Enderlein;S. Krenn;Ralf Küsters;Daniel Rausch

The IITM Model: A Simple and Expressive Model for Universal Composability

IITM 模型：一个简单而富有表现力的通用可组合性模型

• DOI: 10.1007/s00145-020-09352-1
• 发表时间: 2020
• 期刊: Journal of Cryptology
• 影响因子: 3
• 作者: Küsters;Tuengerthal;Rausch;Daniel
• 通讯作者: Daniel