Paper 2008/419

Parsing ambiguities in authentication and key establishment protocols

Liqun Chen and Chris J. Mitchell

Abstract

A new class of attacks against authentication and authenticated key establishment protocols is described, which we call parsing ambiguity attacks. If appropriate precautions are not deployed, these attacks apply to a very wide range of such protocols, including those specified in a number of international standards. Three example attacks are described in detail, and possible generalisations are also outlined. Finally, possible countermeasures are given, as are recommendations for modifications to the relevant standards.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
parsing ambiguity attacksauthentication protocolsauthenticated key establishment protocols
Contact author(s)
liqun chen @ hp com
History
2008-10-02: received
Short URL
https://ia.cr/2008/419
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/419,
      author = {Liqun Chen and Chris J.  Mitchell},
      title = {Parsing ambiguities in authentication and key establishment protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2008/419},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/419}},
      url = {https://eprint.iacr.org/2008/419}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.