Journal: IEEE Transactions on Dependable and Secure Computing

Investigating the Multi-Ciphersuite and Backwards-Compatibility Security of the Upcoming TLS 1.3



Abstract

Transport Layer Security (TLS) is one of the most widely used Internet protocols for secure communications. TLS 1.3, the next-generation protocol, is currently under development, with the latest candidate being draft-18. For flexibility and compatibility, TLS supports various ciphersuites and offers configurable selection of multiple protocol versions, which unfortunately opens the door to practical attacks. For example, although TLS 1.3 is now proven secure separately, coexisting with previous versions may be subject to backwards compatibility attacks. In this paper, we present a formal treatment of the multi-ciphersuite and backwards-compatibility security of TLS 1.3 (specifically, draft-18). We introduce a multi-stage security model, covering all known kinds of compositional interactions (w.r.t. ciphersuites and protocol versions) and reasonably strong security notions. Then we dissect the cross-ciphersuite attack regarding TLS 1.2 in our model, and show that the TLS 1.3 handshake protocol satisfies the multi-ciphersuite security, highlighting the strict necessity of including more information in the signature. Furthermore, we demonstrate how the backwards compatibility attack by Jager et al. can be identified owing to our model, and prove that the handshake protocol can achieve our desired strong security if certain countermeasures are adopted. Our treatment is also applicable to analyzing other protocols.
