Corpus ID: 718600

Modelling Time, or A Step Towards Reduction-based Security Proofs for OTP and Kerberos

  title={Modelling Time, or A Step Towards Reduction-based Security Proofs for OTP and Kerberos},
  author={J{\"o}rg Schwenk},
  journal={IACR Cryptol. ePrint Arch.},
  • Jörg Schwenk
  • Published 2013
  • Computer Science
  • IACR Cryptol. ePrint Arch.
The notion of time plays an important role in many practically deployed cryptographic protocols, ranging from OneTime-Password (OTP) tokens to the Kerberos protocol. However, time is difficult to model in a Turing machine environment. We propose the first such model, where time is modelled as a global counter T . We argue that this model closely matches several implementations of time in computer environments. The usefulness of the model is shown by giving complexity-theoretic security proofs… Expand
Modelling Time for Authenticated Key Exchange Protocols
This work argues that this model closely matches several implementations of time in computer environments, and gives complexity-theoretic security proofs for OTP protocols and HMQV-like one-round AKE protocols. Expand
Authenticated Network Time Synchronization
An authenticated version of NTP is presented, called ANTP, to protect against desynchronization attacks and achieve secure time synchronization under standard cryptographic assumptions, using a novel provable security framework that involves adversary control of time. Expand


Cryptographically Sound Security Proofs for Basic and Public-Key Kerberos
A computational analysis of basic Kerbero and Kerberos with public-key authentication (PKINIT) in which authentication and key secrecy properties are considered and symbolic correctness results attained in the Dolev-Yao model are extended to cryptographically sound results in the computational model. Expand
Examining Indistinguishability-Based Proof Models for Key Establishment Protocols
This work considers several variants of indistinguishability-based proof models for key establishment protocols, identifies several subtle differences between these variants and models, and compares the relative strengths of the notions of security between the models. Expand
Computationally sound mechanized proofs for basic and public-key Kerberos
We present a computationally sound mechanized analysis of Kerberos 5, both with and without its public-key extension PKINIT. We prove authentication and key secrecy properties using the proverExpand
Provably secure session key distribution: the three party case
This paper provides the first treatment of session key distribution in the three-party setting of Needham and Schroeder in the complexity-theoretic framework of modern cryptography, assuming the (minimal) assumption of a pseudorandom function. Expand
Formal Modeling and Analyzing Kerberos Protocol
This work formalizes the Kerberos protocol using CSP methods, and can prove that the system protected by the protocol is indeed secure as it declared. Expand
Kerberos Version 4: Inductive Analysis of the Secrecy Goals
An operational model of crypto-protocols is tailored to the detailed analysis of the secrecy goals accomplished by Kerberos Version IV, and allows an eavesdropper to exploit the shared keys of compromised agents, and admits the accidental loss of expired session keys. Expand
A formal analysis of ome properties of kerberos 5 using MSR
In the abstract formalization, an authentication property about Kerberos 5 is proved and three anomalies are discovered, one of which occurs on both levels of detail, while the other two rely on the richer structure of the detailed formalization. Expand
Formal Analysis of the Kerberos Authentication System
Gurevich's Abstract State Machine formalism is used to specify the Kerberos Authentication System based on the Needham-Schroeder authentication protocol and is used as a basis both to discover the minimum assumptions to guarantee the correctness of the system and to analyse its security weaknesses. Expand
Extended Abstract: Provable-Security Analysis of Authenticated Encryption in Kerberos
A close look at Kerberos' encryption is taken and it is confirmed that most of the options in the current version provably provide privacy and authenticity, some with slight modification that is suggested. Expand
Optimally Tight Security Proofs for Hash-Then-Publish Time-Stamping
This paper achieves a notably smaller loss of power 1.5, which is the first one efficient enough to allow meaningful security guarantees to be given for a globalscale time-stamping service based on 256 bit hash functions, which considerably increases the efficiency of possible practical solutions. Expand