Towards Denial-of-Service-Resilient Key Agreement Protocols   (Citations: 4)
Denial of service resilience is an important practical consideration for key agreement protocols in any hostile environment such as the Internet. There are well-known models that consider the security of key agreement protocols, but denial of service resilience is not considered as part of these models. Many protocols have been argued to be denial-of-service-resilient, only to be subsequently broken or shown ineffective. In this work we propose a formal definition of denial of service resilience, a model for secure authenticated key agreement, and show how security and denial of service resilience can be considered in a common framework, with a particular focus on client puzzles. The model accommodates a variety of techniques for achieving denial of service resilience, and we describe one such technique by exhibiting a denial-of-service-resilient secure authenticated key agreement protocol. Our approach addresses the correct integration of denial of service countermeasures with the key agreement protocol to prevent hijacking attacks that would otherwise render the countermeasures irrelevant.
    • ...More recently, Stebila and Ustaoglu [31] described a security model for the DoS resistance of key exchange protocols, and Chen et al. [13] proposed a formalization of client puzzles and puzzle difficulty, using a game between a single challenger and a single adversary...
    • ...The existing DoS countermeasure models [18, 13, 31] address the ability of a runtime-bounded adversary to solve a single puzzle, but not of solving multiple puzzles: if one puzzle takes time $2^{20}$ to solve, for example, will $2^{30}$ puzzles take time $2^{50}$ to solve? This is important in practice, for an adversary will likely have more power than needed to solve a single puzzle...
    • ...Capkun [20] – it is hard to solve one instance (satisfying existing definitions [31, 13]), but many instances can be solved without too much more work...
    • ...This generalizes the work of Stebila and Ustaoglu [31] on DoS-resistant key exchange protocols, while also accommodating our stronger notion of security for multiple puzzles as described above...
    • ...Stebila and Ustaoglu [31] gave a provable security model for the DoS resistance of key agreement protocols based on the eCK model for key agreement security [22]...
    • ...While the existing models [18, 31, 13] describe the difficulty of DoS countermeasures when faced with an adversary trying to solve one puzzle, these models do not adequately defend against powerful adversaries who can expend more than the effort required to solve a single puzzle...
    • ...While the examples in this section focus on the security definition of Chen et al. [13], they can also be applied to the model of Stebila and Ustaoglu [31]...
    • ...This could allow client’s work to be stolen by an attacker [31] or redirected [23]...
    • ...Our approach begins similar to that of Stebila and Ustaoglu [31]...
    • ...We follow the approach of Stebila and Ustaoglu [31] in dealing with replay attacks, where replay attacks are avoided by uniqueness of presession identifiers of accepted presessions...

    Douglas Stebila et al. Stronger Difficulty Notions for Client Puzzles and Denial-of-Service-R...

    • ...Protocol designers have tried to reduce the impact of DoS attacks by implementing several countermeasures as a preamble to the network protocols [25, 16, 22, 7]. Dean and Stubblefield first used client puzzles to protect TLS [11]...

    Jothi Rangasamy et al. An integrated approach to cryptographic mitigation of denial-of-servic...

    • ...Client puzzles were first proposed by Dwork and Naor [12] to control junk email by having recipients only accept emails if they were accompanied by a correct puzzle solution, and have since been extended to protect cryptographic protocols such as authentication [13], [14] and key exchange [15], [16] protocols, as well as network protocols such as TCP [17] and TLS [18], [19]...

    Suriadi Suriadi et al. Defending Web Services against Denial of Service Attacks Using Client ...

    • ...Five criteria for DoS resilience are given in [23]...
    • ...However the criteria stated in [23] are informal and relations between them are not clearly established...
    • ...According to [23], a protocol is defined as DoS-resilient if each server only performs expensive operations in a session that follows an "acceptable pre-session" in which the client performs the proof of work...
    • ...Our restriction of balanced cost between protocol participants covers criterion 4 from [23], while the first three criteria are covered by our condition for malicious executions...
    • ...To overcome this, unforgeable puzzles [7] should be used or otherwise the protocol should ensure by design that the work of some honest principals cannot be stolen by a malicious adversary, a principle also stated in [23]...

    Bogdan Groza et al. Formal modelling and automatic detection of resource exhaustion attack...
