Paper 2020/573

Quantifying the Security Cost of Migrating Protocols to Practice

Christopher Patton and Thomas Shrimpton

Abstract

We give a framework for relating the concrete security of a “reference” protocol (say, one appearing in an academic paper) to that of some derived, “real” protocol (say, appearing in a cryptographic standard). It is based on the indifferentiability framework of Maurer, Renner, and Holenstein (MRH), whose application has been exclusively focused upon non-interactive cryptographic primitives, e.g., hash functions and Feistel networks. Our extension of MRH is supported by a clearly defined execution model and two composition lemmata, all formalized in a modern pseudocode language. Together, these allow for precise statements about game-based security properties of cryptographic objects (interactive or not) at various levels of abstraction. As a real-world application, we design and prove tight security bounds for a potential TLS 1.3 extension that integrates the SPAKE2 password-authenticated key-exchange into the handshake.

Note: The latest version fixes some presentation issues.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in CRYPTO 2020
Keywords
real-world cryptography, protocol standards, concrete security, indifferentiability
Contact author(s)
cjpatton @ ufl edu
History
2020-06-05: last of 4 revisions
2020-05-16: received
Short URL
https://ia.cr/2020/573
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/573,
      author = {Christopher Patton and Thomas Shrimpton},
      title = {Quantifying the Security Cost of Migrating Protocols to Practice},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/573},
      year = {2020},
      url = {https://eprint.iacr.org/2020/573}
}