Title | ||
---|---|---|
Safely Exporting Keys from Secure Channels - On the Security of EAP-TLS and TLS Key Exporters. |
Abstract | ||
---|---|---|
We investigate how to safely export additional cryptographic keys from secure channel protocols, modelled with the authenticated and confidential channel establishment (ACCE) security notion. For example, the EAP-TLS protocol uses the Transport Layer Security (TLS) handshake to output an additional shared secret which can be used for purposes outside of TLS, and the RFC 5705 standard specifies a general mechanism for exporting keying material from TLS. We show that, for a class of ACCE protocols we call "TLS-like" protocols, the EAP-TLS transformation can be used to export an additional key, and that the result is a secure AKE protocol in the Bellare-Rogaway model. Interestingly, we are able to carry out the proof without looking at the specifics of the TLS protocol itself (beyond the notion that it is "TLS-like"), but rather are able to use the ACCE property in a semi black-box way. To facilitate our modular proof, we develop a novel technique, notably an encryption-based key checking mechanism that is used by the security reduction. Our results imply that EAP-TLS using secure TLS 1.2 cipher-suites is a secure authenticated key exchange protocol. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1007/978-3-662-49890-3_26 | ADVANCES IN CRYPTOLOGY - EUROCRYPT 2016, PT I |
Field | DocType | Volume |
Computer science,Computer security,Communication channel,Computer network | Conference | 9665 |
ISSN | Citations | PageRank |
0302-9743 | 2 | 0.39 |
References | Authors | |
0 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Christina Brzuska | 1 | 314 | 13.15 |
Håkon Jacobsen | 2 | 7 | 1.44 |
Douglas Stebila | 3 | 578 | 48.66 |