Searching for Selfie in TLS 1.3 with the Cryptographic Protocol Shapes Analyzer
| dc.contributor.author | Bhandary, Prajna | |
| dc.contributor.author | Zieglar, Edward | |
| dc.contributor.author | Nicholas, Charles | |
| dc.date.accessioned | 2022-01-06T16:17:46Z | |
| dc.date.available | 2022-01-06T16:17:46Z | |
| dc.date.issued | 2021-11-19 | |
| dc.description.abstract | TLS 1.3 was developed in conjunction with several formal analyses and proofs of its security properties. However, in 2019, researchers Drucker and Gueron discovered a reflection attack, they named Selfie, against the pre-shared key (PSK) mode of authentication used by TLS 1.3 by identifying a gap in the proofs. They realized that the proofs ignored the case of external PSKs. They demonstrated that if the PSK was not associated with a particular client and server pairing, such as a single PSK between a pair of hosts which could use the key as either a client or server, implicit authentication implied by the use of the PSK would fail in a reflection attack. The proofs and tools used did not account for this, so we set out to determine if it was possible to identify this attack with the Cryptographic Protocol Shapes Analyzer (CPSA). Using CPSA, which attempts to enumerate all equivalence classes of a protocol’s executions, we were able to uncover the attack and verify two proposed mitigations. We were also able to identify a previously discovered impersonation attack against the use of post handshake authentication in scenarios where a PSK is used as a network key | en_US |
| dc.description.uri | https://link.springer.com/chapter/10.1007/978-3-030-91631-2_3 | en_US |
| dc.format.extent | 27 pages | en_US |
| dc.genre | book chapters | en_US |
| dc.identifier | doi:10.13016/m2rhxw-bcvx | |
| dc.identifier.citation | Bhandary P., Zieglar E., Nicholas C. (2021) Searching for Selfie in TLS 1.3 with the Cryptographic Protocol Shapes Analyzer. In: Dougherty D., Meseguer J., Mödersheim S.A., Rowe P. (eds) Protocols, Strands, and Logic. Lecture Notes in Computer Science, vol 13066. Springer, Cham. https://doi.org/10.1007/978-3-030-91631-2_3 | en_US |
| dc.identifier.uri | https://doi.org/10.1007/978-3-030-91631-2_3 | |
| dc.identifier.uri | http://hdl.handle.net/11603/23860 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | Springer | en_US |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Staff Collection | |
| dc.rights | This work was written as part of one of the author's official duties as an Employee of the United States Government and is therefore a work of the United States Government. In accordance with 17 U.S.C. 105, no copyright protection is available for such works under U.S. Law. | en_US |
| dc.rights | Public Domain Mark 1.0 | * |
| dc.rights.uri | https://creativecommons.org/publicdomain/mark/1.0/ | * |
| dc.title | Searching for Selfie in TLS 1.3 with the Cryptographic Protocol Shapes Analyzer | en_US |
| dc.type | Text | en_US |
| dcterms.creator | https://orcid.org/0000-0001-9494-7139 | en_US |