Moteur de recherche d’entreprises européennes
UK funding (99 870 £) : Jeter un pont entre la théorie et la pratique dans les protocoles d’échange clés Ukri13/06/2012 UK Research and Innovation, Royaume Uni
Vue d’ensemble
Texte
Jeter un pont entre la théorie et la pratique dans les protocoles d’échange clés
| Abstract | Key exchange protocols address a crucial problem in security: how to securely distribute cryptographic keys to remote users. Since the seminal paper by Diffie and Hellman in 1976, this subject has been extensively studied for over thirty years. Yet, designing a secure key exchange protocol is notoriously difficult. Many proposed schemes have been found with security flaws, including those specified in the international standards. Heuristic designs based on ad-hoc arguments rather than rigorous security proofs are commonly seen as bad practice. However, several "provably secure" key exchange protocols also turn out to be insecure. So far, almost all key exchange protocols in the past have sidestepped an important engineering principle, namely the sixth principle -- i.e., "Do not assume that a message you receive has a particular form unless you can check this" (Anderson & Needham, 1995). The importance of the sixth principle has been widely acknowledged by the security community for many years, but in reality, key exchange protocol designers have generally abandoned this prudent principle on the grounds of efficiency -- following the sixth principle would require using Zero Knowledge Proof (ZKP), which is considered too computationally expensive. However, discarding ZKP has the serious consequence of degrading the security, as evident by many reported attacks in the past. All these indicate a gap in the field. In the project, we propose to bridge the gap by combing the sixth principle and the Public Key Juggling (PKJ) technique. The PKJ technique has proved useful in tacking several important security problems in the past. It can be integrated with the sixth principle in a perfect match: the former serves to optimize the protocol efficiency while the latter underpins the protocol robustness. In the proposed research, we will apply the sixth principle and the juggling technique to design new key exchange protocols that are robust and efficient. We will develop new formal models to capture the sixth principle, which has been largely neglected by existing model specifications. Finally, we will aim to promote robust and efficient key exchange protocols to the international standards. In particular, our J-PAKE key exchange protocol has stood years of cryptanalysis and has been deployed in practical applications. Its standardization is a natural step forward and will benefit the security industry in general. |
| Category | Research Grant |
| Reference | EP/J011541/1 |
| Status | Closed |
| Funded period start | 13/06/2012 |
| Funded period end | 12/06/2014 |
| Funded value | £99 870,00 |
| Source | https://gtr.ukri.org/projects?ref=EP%2FJ011541%2F1 |
Participating Organisations
| Newcastle University | |
| Hewlett Packard plc | |
| Purdue University | |
| RMIT University | |
| Mozilla Foundation |
Cette annonce se réfère à une date antérieure et ne reflète pas nécessairement l’état actuel. L’état actuel est présenté à la page suivante : University OF Newcastle Upon Tyne CHARITY, Newcastle upon Tyne, Royaume Uni.
Les visualisations de "Newcastle University - UK funding (99 870 £) : Jeter un pont entre la théorie et la pratique dans les protocoles d’échange clés"
sont mis à disposition par
North Data
et peuvent être réutilisées selon les termes de la licence
Creative Commons CC-BY.
