Paper 2017/161

Security Notions for Bidirectional Channels

Giorgia Azzurra Marson and Bertram Poettering

Abstract

This paper closes a definitional gap in the context of modeling cryptographic two-party channels. We note that, while most security models for channels consider exclusively unidirectional communication, real-world protocols like TLS and SSH are rather used for bidirectional interaction. The motivational question behind this paper is: Can analyses conducted with the unidirectional setting in mind--including the current ones for TLS and SSH--also vouch for security in the case of bidirectional channel usage? And, in the first place, what does security in the bidirectional setting actually mean? After developing confidentiality and integrity notions for bidirectional channels, we analyze a standard way of combining two unidirectional channels to realize one bidirectional channel. Although it turns out that this construction is, in general, not as secure as commonly believed, we confirm that for many practical schemes security is provided also in the bidirectional sense.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in FSE 2017
Keywords
cryptographic channelsbidirectional communicationsecurity modelsTLS
Contact author(s)
giorgia marson @ rub de
History
2017-03-30: last of 2 revisions
2017-02-23: received
See all versions
Short URL
https://ia.cr/2017/161
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/161,
      author = {Giorgia Azzurra Marson and Bertram Poettering},
      title = {Security Notions for Bidirectional Channels},
      howpublished = {Cryptology ePrint Archive, Paper 2017/161},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/161}},
      url = {https://eprint.iacr.org/2017/161}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.