10,020 research outputs found
Authentication of Quantum Messages
Authentication is a well-studied area of classical cryptography: a sender S
and a receiver R sharing a classical private key want to exchange a classical
message with the guarantee that the message has not been modified by any third
party with control of the communication line. In this paper we define and
investigate the authentication of messages composed of quantum states. Assuming
S and R have access to an insecure quantum channel and share a private,
classical random key, we provide a non-interactive scheme that enables S both
to encrypt and to authenticate (with unconditional security) an m qubit message
by encoding it into m+s qubits, where the failure probability decreases
exponentially in the security parameter s. The classical private key is 2m+O(s)
bits. To achieve this, we give a highly efficient protocol for testing the
purity of shared EPR pairs. We also show that any scheme to authenticate
quantum messages must also encrypt them. (In contrast, one can authenticate a
classical message while leaving it publicly readable.) This has two important
consequences: On one hand, it allows us to give a lower bound of 2m key bits
for authenticating m qubits, which makes our protocol asymptotically optimal.
On the other hand, we use it to show that digitally signing quantum states is
impossible, even with only computational security.Comment: 22 pages, LaTeX, uses amssymb, latexsym, time
Automatic analysis of distance bounding protocols
Distance bounding protocols are used by nodes in wireless networks to
calculate upper bounds on their distances to other nodes. However, dishonest
nodes in the network can turn the calculations both illegitimate and inaccurate
when they participate in protocol executions. It is important to analyze
protocols for the possibility of such violations. Past efforts to analyze
distance bounding protocols have only been manual. However, automated
approaches are important since they are quite likely to find flaws that manual
approaches cannot, as witnessed in literature for analysis pertaining to key
establishment protocols. In this paper, we use the constraint solver tool to
automatically analyze distance bounding protocols. We first formulate a new
trace property called Secure Distance Bounding (SDB) that protocol executions
must satisfy. We then classify the scenarios in which these protocols can
operate considering the (dis)honesty of nodes and location of the attacker in
the network. Finally, we extend the constraint solver so that it can be used to
test protocols for violations of SDB in these scenarios and illustrate our
technique on some published protocols.Comment: 22 pages, Appeared in Foundations of Computer Security, (Affiliated
workshop of LICS 2009, Los Angeles, CA)
Authenticated tree parity machine key exchange
The synchronisation of Tree Parity Machines (TPMs), has proven to provide a
valuable alternative concept for secure symmetric key exchange. Yet, from a
cryptographer's point of view, authentication is at least as important as a
secure exchange of keys. Adding an authentication via hashing e.g. is
straightforward but with no relation to Neural Cryptography. We consequently
formulate an authenticated key exchange within this concept. Another
alternative, integrating a Zero-Knowledge protocol into the synchronisation, is
also presented. A Man-In-The-Middle attack and even all currently known
attacks, that are based on using identically structured TPMs and
synchronisation as well, can so be averted. This in turn has practical
consequences on using the trajectory in weight space. Both suggestions have the
advantage of not affecting the previously observed physics of this interacting
system at all.Comment: This work directly relates to cond-mat/0202112 (see also
http://arxiv.org/find/cond-mat/1/au:+Kinzel/0/1/0/all/0/1
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols
We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter which allows for rapid prototyping and for checking safety properties of security protocols, and we have applied it for finding error traces and proving correctness of practical examples
Easy 4G/LTE IMSI Catchers for Non-Programmers
IMSI Catchers are tracking devices that break the privacy of the subscribers
of mobile access networks, with disruptive effects to both the communication
services and the trust and credibility of mobile network operators. Recently,
we verified that IMSI Catcher attacks are really practical for the
state-of-the-art 4G/LTE mobile systems too. Our IMSI Catcher device acquires
subscription identities (IMSIs) within an area or location within a few seconds
of operation and then denies access of subscribers to the commercial network.
Moreover, we demonstrate that these attack devices can be easily built and
operated using readily available tools and equipment, and without any
programming. We describe our experiments and procedures that are based on
commercially available hardware and unmodified open source software
- …