Title
A Cryptographic Analysis of the TLS 1.3 draft-10 Full and Pre-shared Key Handshake Protocol.
Abstract
We analyze the handshake protocol of TLS 1.3 draft-ietf-tls-tls13-10 (published October 2015). This continues and extends our previous analysis (CCS 2015, Cryptology ePrint Archive 2015) of former TLS 1.3 drafts (draft-ietf-tls-tls13-05 and draft-ietf-tls-tls13-dh-based). Here we show that the full (EC)DHE Diffie–Hellman-based handshake of draft-10 is also secure in the multi-stage key exchange framework of Fischlin and Günther which captures classical Bellare–Rogaway key secrecy for key exchange protocols that derive multiple keys. We also note that a recent protocol change—the introduction of a NewSessionTicket message for resumption, encrypted under the application traffic key—impairs the protocol modularity and hence our compositional guarantees that ideally would allow an independent analysis of the record protocol. We additionally analyze the pre-shared key modes (with and without ephemeral Diffie–Hellman key), and fit them into the composability framework, addressing composability with the input resumption secret from a previous handshake and of the output session keys.
Year: 2016
Venue: IACR Cryptology ePrint Archive
Field: Key management, Cryptographic protocol, Handshake, Key exchange, Cryptography, Computer science, Computer network, Cryptographic primitive, Pre-shared key, Composability
DocType: Journal
Volume: 2016
Citations: 6
PageRank: 0.45
References: 6
Authors: 4
Name              Order  Citations  PageRank
Benjamin Dowling  1      68         5.66
Marc Fischlin     2      1709       92.71
Felix Günther     3      105        8.14
Douglas Stebila   4      578        48.66