The Experts below are selected from a list of 219 Experts worldwide ranked by ideXlab platform
Bogdan Warinschi - One of the best experts on this subject based on the ideXlab platform.
-
The TLS Handshake Protocol: A Modular Analysis
Journal of Cryptology, 2010Co-Authors: P Morrissey, N.p. Smart, Bogdan WarinschiAbstract:We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the Application keys offered to higher-level Applications are obtained from a master key , which in turn is derived through interaction from a pre-master key . We define models (following well-established paradigms) that clarify the security level enjoyed by each of these types of keys. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate Multiple Application keys. The main contribution of the paper is a modular and generic proof of security for a slightly modified version of TLS. Our proofs shows that the protocol is secure even if the pre-master and the master keys only satisfy only weak security requirements. Our proofs make crucial use of modelling the key derivation function of TLS as a random oracle.
-
a modular security analysis of the tls handshake protocol
International Conference on the Theory and Application of Cryptology and Information Security, 2008Co-Authors: P Morrissey, N.p. Smart, Bogdan WarinschiAbstract:We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the Application keys offered to higher level Applications are obtained from a master key , which in turn is derived, through interaction, from a pre-master key . Our first contribution consists of formal models that clarify the security level enjoyed by each of these types of keys. The models that we provide fall under well established paradigms in defining execution, and security notions. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate Multiple Application keys. The main contribution of the paper is a modular and generic proof of security for the Application keys established through the TLS protocol. We show that the transformation used by TLS to derive master keys essentially transforms an arbitrary secure pre-master key agreement protocol into a secure master-key agreement protocol. Similarly, the transformation used to derive Application keys works when applied to an arbitrary secure master-key agreement protocol. These results are in the random oracle model. The security of the overall protocol then follows from proofs of security for the basic pre-master key generation protocols employed by TLS.
P Morrissey - One of the best experts on this subject based on the ideXlab platform.
-
The TLS Handshake Protocol: A Modular Analysis
Journal of Cryptology, 2010Co-Authors: P Morrissey, N.p. Smart, Bogdan WarinschiAbstract:We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the Application keys offered to higher-level Applications are obtained from a master key , which in turn is derived through interaction from a pre-master key . We define models (following well-established paradigms) that clarify the security level enjoyed by each of these types of keys. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate Multiple Application keys. The main contribution of the paper is a modular and generic proof of security for a slightly modified version of TLS. Our proofs shows that the protocol is secure even if the pre-master and the master keys only satisfy only weak security requirements. Our proofs make crucial use of modelling the key derivation function of TLS as a random oracle.
-
a modular security analysis of the tls handshake protocol
International Conference on the Theory and Application of Cryptology and Information Security, 2008Co-Authors: P Morrissey, N.p. Smart, Bogdan WarinschiAbstract:We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the Application keys offered to higher level Applications are obtained from a master key , which in turn is derived, through interaction, from a pre-master key . Our first contribution consists of formal models that clarify the security level enjoyed by each of these types of keys. The models that we provide fall under well established paradigms in defining execution, and security notions. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate Multiple Application keys. The main contribution of the paper is a modular and generic proof of security for the Application keys established through the TLS protocol. We show that the transformation used by TLS to derive master keys essentially transforms an arbitrary secure pre-master key agreement protocol into a secure master-key agreement protocol. Similarly, the transformation used to derive Application keys works when applied to an arbitrary secure master-key agreement protocol. These results are in the random oracle model. The security of the overall protocol then follows from proofs of security for the basic pre-master key generation protocols employed by TLS.
N.p. Smart - One of the best experts on this subject based on the ideXlab platform.
-
The TLS Handshake Protocol: A Modular Analysis
Journal of Cryptology, 2010Co-Authors: P Morrissey, N.p. Smart, Bogdan WarinschiAbstract:We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the Application keys offered to higher-level Applications are obtained from a master key , which in turn is derived through interaction from a pre-master key . We define models (following well-established paradigms) that clarify the security level enjoyed by each of these types of keys. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate Multiple Application keys. The main contribution of the paper is a modular and generic proof of security for a slightly modified version of TLS. Our proofs shows that the protocol is secure even if the pre-master and the master keys only satisfy only weak security requirements. Our proofs make crucial use of modelling the key derivation function of TLS as a random oracle.
-
a modular security analysis of the tls handshake protocol
International Conference on the Theory and Application of Cryptology and Information Security, 2008Co-Authors: P Morrissey, N.p. Smart, Bogdan WarinschiAbstract:We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the Application keys offered to higher level Applications are obtained from a master key , which in turn is derived, through interaction, from a pre-master key . Our first contribution consists of formal models that clarify the security level enjoyed by each of these types of keys. The models that we provide fall under well established paradigms in defining execution, and security notions. We capture the realistic setting where only one of the two parties involved in the execution of the protocol (namely the server) has a certified public key, and where the same master key is used to generate Multiple Application keys. The main contribution of the paper is a modular and generic proof of security for the Application keys established through the TLS protocol. We show that the transformation used by TLS to derive master keys essentially transforms an arbitrary secure pre-master key agreement protocol into a secure master-key agreement protocol. Similarly, the transformation used to derive Application keys works when applied to an arbitrary secure master-key agreement protocol. These results are in the random oracle model. The security of the overall protocol then follows from proofs of security for the basic pre-master key generation protocols employed by TLS.
Dragos Vingarzan - One of the best experts on this subject based on the ideXlab platform.
-
openepc a technical infrastructure for early prototyping of ngmn testbeds
Testbeds and Research Infrastructures for the DEvelopment of NeTworks and COMmunities, 2010Co-Authors: Marius Corici, Fabricio Carvalho De Gouveia, Thomas Magedanz, Dragos VingarzanAbstract:The challenging and ever increasing requirements of future Applications demand new concepts for better control and management of network resources. The Third Generation Partnership Project (3GPP) introduced in their latest specifications the Evolved Packet Core (EPC) architecture for transparently unifying the parameters of different technologies, like the UMTS, WLAN, non-3GPP access technologies and a future Evolved Radio Access Network, called Long Term Evolution (LTE), with the use of Multiple Application platforms such as IP Multimedia Subsystem (IMS) and the Internet. This paper describes a testbed implementation of the Evolved Packet Core named OpenEPC which provides a reference implementation of 3GPP’s EPC developed by the Fraunhofer Institute FOKUS. OpenEPC is a set of software components offering advanced IP mobility schemes, policy-based QoS control, and integration with different Application platforms in converging network environments. This initiative, in addition to fostering research and development, enables academic and industry researchers to rapidly realize state-of-the-art NGMN infrastructures and Application testbeds.
-
TRIDENTCOM - OpenEPC: A Technical Infrastructure for Early Prototyping of NGMN Testbeds
Lecture Notes of the Institute for Computer Sciences Social Informatics and Telecommunications Engineering, 2010Co-Authors: Marius Corici, Fabricio Carvalho De Gouveia, Thomas Magedanz, Dragos VingarzanAbstract:The challenging and ever increasing requirements of future Applications demand new concepts for better control and management of network resources. The Third Generation Partnership Project (3GPP) introduced in their latest specifications the Evolved Packet Core (EPC) architecture for transparently unifying the parameters of different technologies, like the UMTS, WLAN, non-3GPP access technologies and a future Evolved Radio Access Network, called Long Term Evolution (LTE), with the use of Multiple Application platforms such as IP Multimedia Subsystem (IMS) and the Internet. This paper describes a testbed implementation of the Evolved Packet Core named OpenEPC which provides a reference implementation of 3GPP’s EPC developed by the Fraunhofer Institute FOKUS. OpenEPC is a set of software components offering advanced IP mobility schemes, policy-based QoS control, and integration with different Application platforms in converging network environments. This initiative, in addition to fostering research and development, enables academic and industry researchers to rapidly realize state-of-the-art NGMN infrastructures and Application testbeds.
Jason B. Ernst - One of the best experts on this subject based on the ideXlab platform.
-
FPL - Customized Reconfigurable Interconnection Networks for Multiple Application SOCS
2008 International Conference on Field Programmable Logic and Applications, 2008Co-Authors: Hongbing Fan, Jason B. ErnstAbstract:A customized reconfigurable interconnection network (CRIN) refers to a minimal switching network, yielding routing solutions for any element in a pre-given set of routing requirements. The CRIN design problem looks for the best performance and resource-flexibility trade-off between two extreme design contexts ASIC and FPGA. In this paper we give the modeling of this problem for both directed and undirected interconnections. A heuristic algorithm for automatic generation of CRIN is proposed along with its experimental justifications. This study was motivated from the design of reconfigurable systems-on-a-chip for Multiple Applications.
