Paper 2008/251

Universally Composable Security Analysis of TLS---Secure Sessions with Handshake and Record Layer Protocols

Sebastian Gajek, Mark Manulis, Olivier Pereira, Ahmad-Reza Sadeghi, and Jörg Schwenk

Abstract

We present a security analysis of the complete TLS protocol in the Universal Composable security framework. This analysis evaluates the composition of key exchange functionalities realized by the TLS handshake with the message transmission of the TLS record layer to emulate secure communication sessions and is based on the adaption of the secure channel model from Canetti and Krawczyk to the setting where peer identities are not necessarily known prior the protocol invocation and may remain undisclosed. Our analysis shows that TLS, including the Diffie-Hellman and key transport suites in the uni-directional and bi-directional models of authentication, securely emulates secure communication sessions.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
Universal ComposabilityTLSSSLkey exchangesecure sessions
Contact author(s)
sebastian gajek @ nds rub de
History
2008-07-03: last of 2 revisions
2008-06-03: received
See all versions
Short URL
https://ia.cr/2008/251
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/251,
      author = {Sebastian Gajek and Mark Manulis and Olivier Pereira and Ahmad-Reza Sadeghi and Jörg Schwenk},
      title = {Universally Composable Security Analysis of {TLS}---Secure Sessions with Handshake and Record Layer Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/251},
      year = {2008},
      url = {https://eprint.iacr.org/2008/251}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.