講演抄録/キーワード |
講演名 |
2015-05-15 15:25
QUICの安全性評価について ○Masaya Iseki(東工大)・Eiichiro Fujisaki(NTT) ISEC2015-5 |
抄録 |
(和) |
We study the security of Quick UDP Internet Connections (QUIC for short) --
an experimental transport layer network protocol recently developed by Google
-- and show some security concern,
when abbreviated handshakes, aka ``resumptions", are established.
To explain our concern, we propose a new security model,
extending server-only authenticated and channel confidentiality establishment (SACCE),
so that authentication and channel confidentiality can be evaluated
including abbreviated handshake (resumption) sessions.
We then show that QUIC meets the weaker version of our security notion,
but not the stronger one.
On one hand, we show that QUIC with CETV, QUIC
with an optional client encrypted tag value (CETV) mechanism,
satisfies the stronger one. |
(英) |
We study the security of Quick UDP Internet Connections (QUIC for short) --
an experimental transport layer network protocol recently developed by Google
-- and show some security concern,
when abbreviated handshakes, aka ``resumptions", are established.
To explain our concern, we propose a new security model,
extending server-only authenticated and channel confidentiality establishment (SACCE),
so that authentication and channel confidentiality can be evaluated
including abbreviated handshake (resumption) sessions.
We then show that QUIC meets the weaker version of our security notion,
but not the stronger one.
On one hand, we show that QUIC with CETV, QUIC
with an optional client encrypted tag value (CETV) mechanism,
satisfies the stronger one. |
キーワード |
(和) |
QUIC / Diffie-Hellman key exchange / resumption / forward secrecy / provable security / / / |
(英) |
QUIC / Diffie-Hellman key exchange / resumption / forward secrecy / provable security / / / |
文献情報 |
信学技報, vol. 115, no. 28, ISEC2015-5, pp. 31-38, 2015年5月. |
資料番号 |
ISEC2015-5 |
発行日 |
2015-05-08 (ISEC) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
著作権に ついて |
技術研究報告に掲載された論文の著作権は電子情報通信学会に帰属します.(許諾番号:10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
PDFダウンロード |
ISEC2015-5 |
|