Virtual Multi-Protocol Attacks in Non-Repudiation Protocols

Add to your list(s) Download to your calendar using vCal

• Matthijs Melissen
• Thursday 19 December 2013, 11:00-12:00
• Room 245, School of Computer Science.

If you have a question about this talk, please contact Vincent Cheval.

We give a formal definition of the security property of non-repudiation, and study which conditions this definition must contain. It is well-known that agents need to restrict the use of their key material to a limited set of protocols if multiple security protocols are executed in parallel. We identify an additional requirement, which states that agents should also know about other agents which keys are used for which protocols. When this requirement is not satisfied, a new class of attacks, called virtual multi-protocol attacks, arises. In such attacks, the adversary executes a protocol honestly, and afterwards falsely denies that he has been executing this protocol, abusing the lack of knowledge of the attacked agent. Virtual multi-protocol attacks can be prevented by having the public key infrastructure not only link keys to agents, but also to the protocol for which the key is used.

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Security Seminars
• Room 245, School of Computer Science
• computer sience

Note that ex-directory lists are not shown.