Speaker Affiliation | Technische Universität Darmstadt, Cryptographic Protocols Group / University of Surrey, Department of Computing |
Start | 09.02.2015, 11:00 Uhr |
Location | TU Braunschweig, Informatikzentrum, Mühlenpfordtstraße 23, 1. OG, Hörsaal M 160 |
Invited by | Prof. Dr. Rüdiger Kapitza |
Cryptographic password authentication protocols have failed to see wide-spread adoption on the Internet despite of a rich variety of existing protocols. This is due to the fact that most proposals require extensive modifications to the Transport Layer Security (TLS) protocol, which is challenging to realize. In this talk I will present two modular constructions where a cryptographically secure password authentication protocol is run inside a confidential (but not necessarily authenticated) channel such as TLS and is securely linked to this channel to prevent application-layer man-in-the-middle attacks. The proposed approach does not require any modifications to the TLS standard and can be realized on modern desktop and mobile browsers. It relies on two channel binding mechanisms for TLS from RFC 5929 those security is analyzed in the proposed general model for Password-Authenticated and Confidential Channel Establishment (PACCE), a password-based variant of the ACCE model which has been widely used to analyze TLS security. Notably, our results can be generalized and applied to integrate cryptographic password authentication into other communication channels beyond those established through TLS. |
Vacancies of TU Braunschweig
Career Service' Job Exchange
Merchandising
Term Dates
Courses
Degree Programmes
Information for Freshman
TUCard
Technische Universität Braunschweig
Universitätsplatz 2
38106 Braunschweig
P. O. Box: 38092 Braunschweig
GERMANY
Phone: +49 (0) 531 391-0