WEKO3
アイテム
Attacks on Authentication Protocols with Compromised Certificates and How to Fix them
https://ipsj.ixsq.nii.ac.jp/records/12215
https://ipsj.ixsq.nii.ac.jp/records/122157957d007-25db-45cc-ab64-4c59c62f7c3a
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL4108006.pdf (314.9 kB)
|
Copyright (c) 2000 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2000-08-15 | |||||||
| タイトル | ||||||||
| タイトル | Attacks on Authentication Protocols with Compromised Certificates and How to Fix them | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | Attacks on Authentication Protocols with Compromised Certificates and How to Fix them | |||||||
| 言語 | ||||||||
| 言語 | eng | |||||||
| キーワード | ||||||||
| 主題Scheme | Other | |||||||
| 主題 | 特集:情報セキュリティの理論と応用 | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||
| 資源タイプ | journal article | |||||||
| その他タイトル | ||||||||
| その他のタイトル | 認証 | |||||||
| 著者所属 | ||||||||
| Information Media Center Science University of Tokyo | ||||||||
| 著者所属 | ||||||||
| Department of Information Systems Science University of Tokyo | ||||||||
| 著者所属 | ||||||||
| Department of Industrial Administration Science University of Tokyo | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Information Media Center, Science University of Tokyo | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Department of Information Systems, Science University of Tokyo | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Department of Industrial Administration, Science University of Tokyo | ||||||||
| 著者名 |
Wu, Wen
× Wu, Wen
|
|||||||
| 著者名(英) |
Wu, Wen
× Wu, Wen
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | The security of authentication protocols based on public keycryptography depends on the validity and freshness of thecertificate. It is usually assumed that a well deployed Public KeyInfrastructure (PKI) can guarantee the validity and freshness ofcertificates through mechanisms such as Certificate Revocation List (CRL) or Online Certificate Status Protocol. In reality such aguarantee is not always assured. This paper analyzes the security ofpublic key authentication protocols in various situations withcompromised certificates. A particular type of attack namely the``ex-employee attack '' against the ``named-server anonymous-client''mode of the SSL/TLS handshake protocol is described as well as amodified version of the SSL/TLS handshake protocol that can preventthe ``ex-employee attack.'' Methods for analyzing these protocols arealso presented. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | The security of authentication protocols based on public keycryptography depends on the validity and freshness of thecertificate. It is usually assumed that a well deployed Public KeyInfrastructure (PKI) can guarantee the validity and freshness ofcertificates through mechanisms such as Certificate Revocation List (CRL) or Online Certificate Status Protocol. In reality, such aguarantee is not always assured. This paper analyzes the security ofpublic key authentication protocols in various situations withcompromised certificates. A particular type of attack, namely the``ex-employee attack,'' against the ``named-server, anonymous-client''mode of the SSL/TLS handshake protocol is described, as well as amodified version of the SSL/TLS handshake protocol that can preventthe ``ex-employee attack.'' Methods for analyzing these protocols arealso presented. | |||||||
| 書誌レコードID | ||||||||
| 収録物識別子タイプ | NCID | |||||||
| 収録物識別子 | AN00116647 | |||||||
| 書誌情報 |
情報処理学会論文誌 巻 41, 号 8, p. 2110-2120, 発行日 2000-08-15 |
|||||||
| ISSN | ||||||||
| 収録物識別子タイプ | ISSN | |||||||
| 収録物識別子 | 1882-7764 | |||||||
