This thesis is divided into two distinct parts. The first partof the thesis explores security issues in key establishmentprotocols, including both key distribution protocols and keyagreement protocols, and in both the general and thepassword-based setting. The second part of the thesis exploressecurity issues of Timed-Release encryption schemes, especiallythose with a Pre-Open capability.In the first part, we initially present a formal description ofkey establishment protocols, and summarise the securityproperties that may be required of such a protocol. Secondly,we examine existing security models for key establishmentprotocols. We show that none of these security models fullycapture the desired security properties. Thirdly, we examinesome existing protocols and demonstrate certainvulnerabilities. Some of these vulnerabilities have notpreviously been detected because of the lack of a formalsecurity analysis, while others have been missed because theadopted security models fail to address such securityvulnerabilities. Fourthly, we describe a novel security modelfor general key establishment protocols, and we further adaptit for the password setting. Finally, we propose keyestablishment protocols which are proved secure in our novelsecurity model.In the second part we start by examining an existing securitymodel for Timed-Release Encryption schemes with a Pre-openCapability (TRE-PC), and we demonstrate several limitations ofthis model. We then propose a new security model for suchpublic-key encryption schemes, and establish relationshipsbetween the proposed security notions. We also propose ageneral construction for TRE-PC schemes and an instantiation ofcertain primitives.
展开▼
