Provably insecure group authentication: Not all security proofs are what they claim to be

05/11/2020
by Chris J Mitchell, et al.

A paper presented at the ICICS 2019 conference describes what is claimed to be a 'provably secure group authentication [protocol] in the asynchronous communication model'. We show here that this is far from being the case, as the protocol is subject to attacks breaking the security model. To try to explain this troubling case, an earlier (2013) scheme on which the ICICS 2019 protocol is based was also examined and found to possess even more severe flaws – this latter scheme was previously known to be subject to attack, but not in quite as fundamental a way as is shown here. Examination of the 'proofs' of the security 'theorems' provided in both the 2013 and 2019 papers reveals that in neither case are the proofs rigorous; the issues raised by this are also briefly discussed.


