Applying NCP Logic to the Analysis of SSL 3.0

View Related Documents

Book Chapter
Security Enhancement and Modular Treatment towards Authenticated Key Exchange
Jiaxin Pan, Libin Wang and Changshe Ma
Lecture Notes in Computer Science, 2010, Volume 6476, Information and Communications Security, Pages 203-217
- Download PDF (284.3 KB)
Book Chapter
Security of Public Key Certificate Based Authentication Protocols
Wu Wen, Takamichi Saito and Fumio Mizoguchi
Lecture Notes in Computer Science, 2000, Volume 1751, Public Key Cryptography, Pages 196-209
- Download PDF (189.1 KB)
Book Chapter
MACs and Signatures
2007, Foundations of Security, Part 3, Pages 239-250
- Download PDF (367.9 KB)
Book Chapter
Security Enhanced WTLS Handshake Protocol
Jin Kwak, Jongsu Han, Soohyun Oh and Dongho Won
Lecture Notes in Computer Science, 2004, Volume 3045, Computational Science and Its Applications – ICCSA 2004, Pages 955-964
- Download PDF (186.4 KB)
Book Chapter
Enhancing HIPERLAN/2 Security Aspects
Josep L. Ferrer-Gomila, Guillem Femenias and Magdalena Payeras-Capellà
Lecture Notes in Computer Science, 2004, Volume 2928, Wireless On-Demand Network Systems, Pages 171-184
- Download PDF (88.9 KB)
Book Chapter
A Modular Security Analysis of the TLS Handshake Protocol
P. Morrissey, N. P. Smart and B. Warinschi
Lecture Notes in Computer Science, 2008, Volume 5350, Advances in Cryptology - ASIACRYPT 2008, Pages 55-73
- Download PDF (496.3 KB)
Book Chapter
Verification and modelling of authentication protocols
Ralf C. Hauser and E. Stewart Lee
Lecture Notes in Computer Science, 1992, Volume 648, Computer Security — ESORICS 92, Pages 139-154
- Download PDF (788.6 KB)
Book Chapter
The Descent of BAN
Lawrence C. Paulson
Texts and Monographs in Computer Science, 2004, Computer Systems, Pages 225-228
- Download PDF (56.2 KB)
Book Chapter
Biometrics to Enhance Smartcard Security
(Transcript of Discussion)
Fabio Martinelli
Lecture Notes in Computer Science, 2005, Volume 3364, Security Protocols, Pages 333-335
- Download PDF (56.0 KB)
Book Chapter
Relations Between Secrets: The Yahalom Protocol
Lawrence C. Paulson
Lecture Notes in Computer Science, 2000, Volume 1796, Security Protocols, Pages 73-77
- Download PDF (103.2 KB)

Abstract

In this paper we use extended NCP logic to formally analyze SSL 3.0, and show two important weak points of the protocol, which are the server’s not assured of the freshness and the origin of the pre-master secret when RSA is used for key exchange. We only give specification and analysis of one authentication mode of SSL 3.0 in detail, but all authentication modes have the two weak points. Especially, the flaw of the freshness of the pre-master secret may result in reuse of the pre-master secret, and we properly remedy it by introducing a nonce.

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Applying NCP Logic to the Analysis of SSL 3.0

View Related Documents

Abstract

Fulltext Preview