Journal: Journal of Cryptology

Selfie: reflections on TLS 1.3 with PSK


Abstract

TLS 1.3 allows two parties to establish a shared session key from an out-of-band agreed pre-shared key (PSK). The PSK is used to mutually authenticate the parties, under the assumption that it is not shared with others. This allows the parties to skip the certificate verification steps, saving bandwidth, communication rounds, and latency. In this paper, we identify a vulnerability in this specific TLS 1.3 option by showing a new "reflection attack" that we call "Selfie." This attack uses the fact that TLS does not mandate explicit authentication of the server and the client, and leverages it to break the protocol's mutual authentication property. We explain the root cause of this TLS 1.3 vulnerability, provide a fully detailed demonstration of a Selfie attack using the TLS implementation of OpenSSL, and propose mitigation. The Selfie attack is the first attack on TLS 1.3 after its official release in 2018. It is surprising because it uncovers an interesting gap in the existing TLS 1.3 models that the security proofs rely on. We explain the gap in these model assumptions and show how it affects the proofs in this case.
