On post-handshake authentication and external PSKs in TLS 1.3
Published in: | Journal of Computer Virology and Hacking Techniques 2020-12, Vol.16 (4), p.269-274 |
---|---|
Main authors: | , , , |
Format: | Article |
Language: | eng |
Abstract: | The TLS protocol is the main cryptographic protocol of the Internet. The work on its current version, TLS 1.3, was completed in 2018. This version differs significantly from the previous ones and has a clean-slate design taking into account all modern principles of constructing secure cryptographic protocols. At the same time, even when there are security proofs in some fairly strong security model, it is important to explore the possibility of extending this model and then clarifying the security limits of the protocol. This work considers the restriction on the usage of post-handshake authentication in connections established with external PSK. We show that some vulnerability appears in the case of psk_ke mode (PSK-only key establishment) if more than one pair of entities can possess the same PSK. We provide several practical scenarios where this condition can be easily achieved. We also propose an appropriate mitigation to prevent this vulnerability. |
---|---|
ISSN: | 2263-8733 2263-8733 |
DOI: | 10.1007/s11416-020-00352-0 |