WEKO3
アイテム
Looking Further into the Security of End-to-End Encryption of SFrame
https://ipsj.ixsq.nii.ac.jp/records/239357
https://ipsj.ixsq.nii.ac.jp/records/239357301dffd9-f59a-4a8c-97b4-7cbe55016ebf
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL6509003.pdf (646.5 kB)
2026年9月15日からダウンロード可能です。
|
Copyright (c) 2024 by the Information Processing Society of Japan
|
|
| 非会員:¥0, IPSJ:学会員:¥0, 論文誌:会員:¥0, DLIB:会員:¥0 | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2024-09-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | Looking Further into the Security of End-to-End Encryption of SFrame | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | Looking Further into the Security of End-to-End Encryption of SFrame | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [特集:サプライチェーンを安全にするサイバーセキュリティ技術] End-to-End Encryption, SFrame, Forgery | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| University of Hyogo | ||||||||||||
| 著者所属 | ||||||||||||
| University of Hyogo | ||||||||||||
| 著者所属 | ||||||||||||
| University of Hyogo | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| University of Hyogo | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| University of Hyogo | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| University of Hyogo | ||||||||||||
| 著者名 |
Shogo, Shiraki
× Shogo, Shiraki
× Hayato, Kimura
× Takanori, Isobe
|
|||||||||||
| 著者名(英) |
Shogo, Shiraki
× Shogo, Shiraki
× Hayato, Kimura
× Takanori, Isobe
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | The global outbreak of COVID-19 has rapidly increased the use of video conferencing systems, highlighting the importance of end-to-end encryption (E2EE) technology for protecting user privacy. This paper analyzes the security of SFrame, an E2EE technology used in Cisco Webex and similar systems. Specifically, we assess the security of SFrame as described in two versions published by the IETF: an older version known as draft-omara-sframe-01 and the latest version at the time of writing this paper, draft-ietf-sframe-enc-03. The draft-omara-sframe-01 had signature vulnerabilities pointed out by Isobe et al., and the draft-ietf-sframe-enc-03 includes updates addressing these issues. First, we analyze the older version of SFrame, draft-omara-sframe-01, and propose new attacks that allows us to manipulate more plaintext than the attacks identified by Isobe et al. Next, we study the latest version, draft-ietf-sframe-enc-03, showing that many of the attacks proposed by Isobe et al. and our new attacks are still effective against this latest version, even when it uses the same signature process as the older version. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.32(2024) (online) DOI http://dx.doi.org/10.2197/ipsjjip.32.679 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | The global outbreak of COVID-19 has rapidly increased the use of video conferencing systems, highlighting the importance of end-to-end encryption (E2EE) technology for protecting user privacy. This paper analyzes the security of SFrame, an E2EE technology used in Cisco Webex and similar systems. Specifically, we assess the security of SFrame as described in two versions published by the IETF: an older version known as draft-omara-sframe-01 and the latest version at the time of writing this paper, draft-ietf-sframe-enc-03. The draft-omara-sframe-01 had signature vulnerabilities pointed out by Isobe et al., and the draft-ietf-sframe-enc-03 includes updates addressing these issues. First, we analyze the older version of SFrame, draft-omara-sframe-01, and propose new attacks that allows us to manipulate more plaintext than the attacks identified by Isobe et al. Next, we study the latest version, draft-ietf-sframe-enc-03, showing that many of the attacks proposed by Isobe et al. and our new attacks are still effective against this latest version, even when it uses the same signature process as the older version. ------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.32(2024) (online) DOI http://dx.doi.org/10.2197/ipsjjip.32.679 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 65, 号 9, 発行日 2024-09-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
| 公開者 | ||||||||||||
| 言語 | ja | |||||||||||
| 出版者 | 情報処理学会 | |||||||||||
