Detecting Key-Dependencies

Gianluca Dini, C. Boyd (Editor), A. Helme, E. Dawson (Editor), Tage Stabell-Kulo

    Research output: Contribution to conferencePaperAcademicpeer-review

    101 Downloads (Pure)


    The confidentiality of encrypted data depends on how well the key under which it was encrypted is maintained. If a session key was exchanged encrypted under a long-term key, exposure of the long-term key may reveal the session key and hence the data encrypted with it. The problem of key-dependencies between keys can be mapped onto connectivity of a graph, and the resulting graph can be inspected. This article presents a structured method (an algorithm) with which key-dependencies can be detected and analysed. Several well-known protocols are examined, and it is shown that they are vulnerable to certain attacks exploiting key-dependencies. Protocols which are free from this defect do exist. That is, when a session is terminated it is properly closed.
    Original languageUndefined
    Number of pages11
    Publication statusPublished - Jul 1998
    Event3rd Australasian Conference on Information Security and Privacy, ACISP 1998 - Brisbane, Australia
    Duration: 13 Jul 199815 Jul 1998
    Conference number: 3


    Conference3rd Australasian Conference on Information Security and Privacy, ACISP 1998
    Abbreviated titleACISP


    • IR-56226
    • EWI-1061

    Cite this