Nishen Peiris - Academia.edu (original) (raw)
Papers by Nishen Peiris
Security models have been developed over time to examine the security of two-party authenticated ... more Security models have been developed over time to examine the security of two-party authenticated key exchange protocols. In 2007, a reasonably strong security model for key exchange protocols has been proposed, namely extended Canetti-Krawczyk model (eCK model), addressing wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven secure in the eCK model. In order to satisfy the eCK security, NAXOS protocol uses a hash function to combine the ephemeral key with the long-term secret key, which is often called as “NAXOS trick”. However, for the NAXOS trick based protocols, the way of leakage modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. In 2015, Alawatugoda, Stebila and Boyd presented a secure and NAXOS trick key exchange protocol, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are wi...
International Journal on Advanced Science, Engineering and Information Technology
Security models have been developed over time to examine the security of two-party authenticated ... more Security models have been developed over time to examine the security of two-party authenticated key exchange protocols. In 2007, a reasonably strong security model for key exchange protocols has been proposed, namely extended Canetti-Krawczyk model (eCK model), addressing wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven secure in the eCK model. In order to satisfy the eCK security, NAXOS protocol uses a hash function to combine the ephemeral key with the long-term secret key, which is often called as "NAXOS trick". However, for the NAXOS trick based protocols, the way of leakage modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. In 2015, Alawatugoda, Stebila and Boyd presented a secure and NAXOS trick key exchange protocol, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are widely used with the real-world security protocol suites, particularly Security Socket Layer and Transport Layer Security. According to our knowledge, this is the first implementation of an eCK-secure protocol for the OpenSSL library. Thus, we open up the direction to use the recent advancements of cryptography for real-world Internet communication.
Security models have been developed over time to examine the security of two-party authenticated ... more Security models have been developed over time to examine the security of two-party authenticated key exchange protocols. In 2007, a reasonably strong security model for key exchange protocols has been proposed, namely extended Canetti-Krawczyk model (eCK model), addressing wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven secure in the eCK model. In order to satisfy the eCK security, NAXOS protocol uses a hash function to combine the ephemeral key with the long-term secret key, which is often called as “NAXOS trick”. However, for the NAXOS trick based protocols, the way of leakage modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. In 2015, Alawatugoda, Stebila and Boyd presented a secure and NAXOS trick key exchange protocol, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are wi...
International Journal on Advanced Science, Engineering and Information Technology
Security models have been developed over time to examine the security of two-party authenticated ... more Security models have been developed over time to examine the security of two-party authenticated key exchange protocols. In 2007, a reasonably strong security model for key exchange protocols has been proposed, namely extended Canetti-Krawczyk model (eCK model), addressing wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven secure in the eCK model. In order to satisfy the eCK security, NAXOS protocol uses a hash function to combine the ephemeral key with the long-term secret key, which is often called as "NAXOS trick". However, for the NAXOS trick based protocols, the way of leakage modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. In 2015, Alawatugoda, Stebila and Boyd presented a secure and NAXOS trick key exchange protocol, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are widely used with the real-world security protocol suites, particularly Security Socket Layer and Transport Layer Security. According to our knowledge, this is the first implementation of an eCK-secure protocol for the OpenSSL library. Thus, we open up the direction to use the recent advancements of cryptography for real-world Internet communication.