Paper 2017/1191
Data Is a Stream: Security of Stream-Based Channels
Marc Fischlin, Felix Günther, Giorgia Azzurra Marson, and Kenneth G. Paterson
Abstract
The common approach to defining secure channels in the literature is to consider transportation of discrete messages provided via atomic encryption and decryption interfaces. This, however, ignores that many practical protocols (including TLS, SSH, and QUIC) offer streaming interfaces instead, moreover with the complexity that the network (possibly under adversarial control) may deliver arbitrary fragments of ciphertexts to the receiver. To address this deficiency, we initiate the study of stream-based channels and their security. We present notions of confidentiality and integrity for such channels, akin to the notions for atomic channels, but taking the peculiarities of streams into account. We provide a composition result for our setting, saying that combining chosen-plaintext confidentiality with integrity of the transmitted ciphertext stream lifts confidentiality of the channel to chosen-ciphertext security. Notably, for our proof of this theorem in the streaming setting we need an additional property, called error predictability. We give an AEAD-based construction that achieves our notion of a secure stream-based channel. The construction matches rather well the one used in TLS, providing validation of that protocol's design. Finally, we study how applications that actually aim at transporting atomic messages can do so safely over a stream-based channel. We provide corresponding security notions and a generic and secure 'encode-then-stream' paradigm.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- A major revision of an IACR publication in CRYPTO 2015
- DOI
- 10.1007/978-3-662-48000-7_27
- Keywords
- secure channeldata streamAEADconfidentialityintegrityfragmentation
- Contact author(s)
- guenther @ cs tu-darmstadt de
- History
- 2017-12-12: received
- Short URL
- https://ia.cr/2017/1191
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2017/1191, author = {Marc Fischlin and Felix Günther and Giorgia Azzurra Marson and Kenneth G. Paterson}, title = {Data Is a Stream: Security of Stream-Based Channels}, howpublished = {Cryptology {ePrint} Archive, Paper 2017/1191}, year = {2017}, doi = {10.1007/978-3-662-48000-7_27}, url = {https://eprint.iacr.org/2017/1191} }