Security of Authentication Protocols with Compromised Certificates

Presentation	2000/1/25 Security of Authentication Protocols with Compromised Certificates W. Wen, F. Mizoguchi,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	The security of authentication protocols based on public key cryptography depends on the validity of the certificate. Usually, it is assumed that a well deployed PKI can guarantee the validity of certificates at all time through mechanisms such as CRL or OCSP. In reality, such guarantee is not always assured. It is therefore necessary to analyze the security of these protocols in such "faulty" circumstances and to provide a measure of how fault-tolerant such protocols are. This paper describes the results of our analysis of public key based authentication protocols in various situations with compromised certificates. It is shown that in addition to trivial attacks as the result of compromised certificates, serious attacks are possible. Our results also demonstrate why it is necessary to use the hash of all handshake messages in "certificate verify" step of TLS rather than just a few "critical components" as suggested in [8].
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Authentication Protocols / Verification
Paper #	ISEC99-91
Date of Issue

Paper Information
Registration To	Information Security (ISEC)
Language	ENG
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	Security of Authentication Protocols with Compromised Certificates
Sub Title (in English)
Keyword(1)	Authentication Protocols
Keyword(2)	Verification
1st Author's Name	W. Wen
1st Author's Affiliation	Information Media Center Science University of Tokyo()
2nd Author's Name	F. Mizoguchi
2nd Author's Affiliation	Information Media Center Science University of Tokyo
Date	2000/1/25
Paper #	ISEC99-91
Volume (vol)	vol.99
Number (no)	584
Page	pp.pp.-
#Pages	8
Date of Issue