Verified Contributive Channel Bindings for Compound Authentication

  title={Verified Contributive Channel Bindings for Compound Authentication},
  author={Karthikeyan Bhargavan and Antoine Delignat-Lavaud and Alfredo Pironti},
Compound authentication protocols, such as EAP in IKEv2 or SASL over TLS, bind application-level authentication to a transport-level authenticated channel in order to obtain strong composite authentication under weak trust assumptions. Despite their wide deployment, these protocols remain poorly understood, leading to several credential forwarding man-in-themiddle attacks. We present formal models for several compound authentication protocols, and analyze them against a rich threat model that… CONTINUE READING


Publications citing this paper.
Showing 1-10 of 12 extracted citations


Publications referenced by this paper.
Showing 1-10 of 55 references

Analysis of the SSH key exchange protocol

  • S. C. Williams
  • Cryptography and Coding, 2011, pp. 356–374.
  • 2011
Highly Influential
11 Excerpts

Authentication gap in TLS renegotiation

  • M. Ray, S. Dispensa
  • 2009.
  • 2009
Highly Influential
5 Excerpts

Similar Papers

Loading similar papers…