Detecting Key-Dependencies

Gianluca Dini, C. Boyd (Editor), A. Helme, E. Dawson (Editor), Tage Stabell-Kulo

    Research output: Contribution to conferencePaper

    40 Downloads (Pure)

    Abstract

    The confidentiality of encrypted data depends on how well the key under which it was encrypted is maintained. If a session key was exchanged encrypted under a long-term key, exposure of the long-term key may reveal the session key and hence the data encrypted with it. The problem of key-dependencies between keys can be mapped onto connectivity of a graph, and the resulting graph can be inspected. This article presents a structured method (an algorithm) with which key-dependencies can be detected and analysed. Several well-known protocols are examined, and it is shown that they are vulnerable to certain attacks exploiting key-dependencies. Protocols which are free from this defect do exist. That is, when a session is terminated it is properly closed.
    Original languageUndefined
    Pages356-366
    Number of pages11
    DOIs
    Publication statusPublished - Jul 1998
    Event3rd Australasian Conference on Information Security and Privacy, ACISP 1998 - Brisbane, Australia
    Duration: 13 Jul 199815 Jul 1998
    Conference number: 3

    Conference

    Conference3rd Australasian Conference on Information Security and Privacy, ACISP 1998
    Abbreviated titleACISP
    CountryAustralia
    CityBrisbane
    Period13/07/9815/07/98

    Keywords

    • IR-56226
    • EWI-1061

    Cite this

    Dini, G., Boyd, C. (Ed.), Helme, A., Dawson, E. (Ed.), & Stabell-Kulo, T. (1998). Detecting Key-Dependencies. 356-366. Paper presented at 3rd Australasian Conference on Information Security and Privacy, ACISP 1998, Brisbane, Australia. https://doi.org/10.1007/BFb0053747