Kleptography in Authentication Protocols: Why is it Still Possible?

European Interdisciplinary Cybersecurity Conference (EICC)(2022)

引用 0|浏览0
暂无评分
摘要
Network authentication frequently relies on nonces, and even widely deployed protocols still rely on random nonces, although they might enable kleptography attacks. Notably, for TLS a kleptography-based covert channel has been published, and despite a proposal to cure this weakness via controlled randomness including backward compatibility, the protocol description is not updated. We investigate if lack of bandwidth, i.e., lack of applicability, could be a reason not to care for such an update. Moreover, we give examples of other authentication protocols that might suffer from a similar weakness, and that possibly might profit from a similar cure, thus indicating necessity of further research.
更多
查看译文
关键词
authentication protocols
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要