Uma Extensão de Framework de Análise de Protocolos de Composibilidade Universal para Acordo de Chaves com Autenticação Baseado em Identidade
Resumo
A partir da modularidade da Composibilidade Universal, Kusters et al. propõem um framework onde primitivas criptográficas podem ser utilizadas como módulos fundamentais no projeto de protocolos gerais. Embora o framework contemple diversas primitivas, não há suporte a criptografia baseada em identidade, um cenário emergente de segurança para aplicações de Internet das Coisas. Neste artigo, apresentamos e provamos uma extensão do framework para suportar o acordo de chaves com autenticação baseado em identidade. Nós esboçamos a análise de segurança de um protocolo real de autenticação mútua proposto para o contexto de casas inteligentes para validar nossa extensão.
Palavras-chave:
Composibilidade Universal, Prova de Protocolos, Criptografia baseada em Identidade, Internet das Coisas
Referências
Abbas, N., Asim, M., Tariq, N., Baker, T., and Abbas, S. (2019). A Mechanism for Securing IoT-enabled Applications at the Fog Layer. Journal of Sensor and Actuator Networks.
Aranha, D. F., Oliveira, L. B., Lopez, J., and Dahab, R. (2009). NanoPBC: Implementing Cryptographic Pairings on an 8-bit Platform. In Conference on Hyperelliptic curves, discrete Logarithms, Encryption, etc (CHiLE 2009).
Burmester, M., Van Le, T., and de Medeiros, B. (2006). Provably Secure Ubiquitous Systems: Universally Composable RFID Authentication Protocols. In (SecureComm’06).
Canetti, R. (2001). Universally Composable Security: A New Paradigm for Cryptographic Protocols. In Symposium on Foundations of Computer Science (FOCS’01).
Canetti, R. and Herzog, J. (2006). Universally Composable Symbolic Analysis of Mutual Authentication and Key-Exchange Protocols. In Theory of Cryptography Conference (TCC’06).
Hofheinz, D. and Shoup, V. (2015). GNUC: A New Universal Composability Framework. Journal of Cryptology.
Kusters, R. (2006). Simulation-based Security with Inexhaustible Interactive Turing Machines. In Computer Security Foundations Workshop (CSFW’06).
Küsters, R. and Rausch, D. (2017). A Framework for Universally Composable DifeHellman Key Exchange. In Symposium on Security and Privacy (SP’17).
Küsters, R. and Tuengerthal, M. (2011). Ideal Key Derivation and Encryption in Simulation-Based Security. CT-RSA 2011.
McCullagh, N. and Barreto, P. S. L. M. (2005). A New Two-party Identity-based Authenticated Key Agreement. In Conference on Topics in Cryptology (CT-RSA’05).
Micali, S., Goldreich, O., and Wigderson, A. (1987). How to Play Any Mental Game. In Symposium on Theory of Computing (STOC’87).
Neto, A. L. M. et al. (2016). AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle. In Conference on Embedded Network Sensor Systems (Sensys’16).
Oliveira, L. B. and Dahab, R. (2006). Pairing-Based Cryptography for Sensor Networks. In Symposium on Network Computing and Applications (NCA’06).
Sakai, R., Ohgishi, K., and Kasahara, M. (2000). Cryptosystems Based on Pairing. In Symposium on Cryptography and Information Security (SCIS’00).
Salman, O., Abdallah, S., Elhajj, I. H., Chehab, A., and Kayssi, A. (2016). Identity-based Authentication Scheme for the Internet of Things. In Symposium on Computers and Communication (ISCC’16).
Shamir, A. (1984). Identity-based Cryptosystems and Signature Schemes. In Cryptology Conference on Advances in Cryptology (CRYPTO’84).
Van Le, T., Burmester, M., and De Medeiros, B. (2007). Universally Composable and Forward-Secure RFID Authentication and Authenticated Key Exchange. In Symposium on Information, Computer and Communications Security (ASIACCS’07).
Aranha, D. F., Oliveira, L. B., Lopez, J., and Dahab, R. (2009). NanoPBC: Implementing Cryptographic Pairings on an 8-bit Platform. In Conference on Hyperelliptic curves, discrete Logarithms, Encryption, etc (CHiLE 2009).
Burmester, M., Van Le, T., and de Medeiros, B. (2006). Provably Secure Ubiquitous Systems: Universally Composable RFID Authentication Protocols. In (SecureComm’06).
Canetti, R. (2001). Universally Composable Security: A New Paradigm for Cryptographic Protocols. In Symposium on Foundations of Computer Science (FOCS’01).
Canetti, R. and Herzog, J. (2006). Universally Composable Symbolic Analysis of Mutual Authentication and Key-Exchange Protocols. In Theory of Cryptography Conference (TCC’06).
Hofheinz, D. and Shoup, V. (2015). GNUC: A New Universal Composability Framework. Journal of Cryptology.
Kusters, R. (2006). Simulation-based Security with Inexhaustible Interactive Turing Machines. In Computer Security Foundations Workshop (CSFW’06).
Küsters, R. and Rausch, D. (2017). A Framework for Universally Composable DifeHellman Key Exchange. In Symposium on Security and Privacy (SP’17).
Küsters, R. and Tuengerthal, M. (2011). Ideal Key Derivation and Encryption in Simulation-Based Security. CT-RSA 2011.
McCullagh, N. and Barreto, P. S. L. M. (2005). A New Two-party Identity-based Authenticated Key Agreement. In Conference on Topics in Cryptology (CT-RSA’05).
Micali, S., Goldreich, O., and Wigderson, A. (1987). How to Play Any Mental Game. In Symposium on Theory of Computing (STOC’87).
Neto, A. L. M. et al. (2016). AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle. In Conference on Embedded Network Sensor Systems (Sensys’16).
Oliveira, L. B. and Dahab, R. (2006). Pairing-Based Cryptography for Sensor Networks. In Symposium on Network Computing and Applications (NCA’06).
Sakai, R., Ohgishi, K., and Kasahara, M. (2000). Cryptosystems Based on Pairing. In Symposium on Cryptography and Information Security (SCIS’00).
Salman, O., Abdallah, S., Elhajj, I. H., Chehab, A., and Kayssi, A. (2016). Identity-based Authentication Scheme for the Internet of Things. In Symposium on Computers and Communication (ISCC’16).
Shamir, A. (1984). Identity-based Cryptosystems and Signature Schemes. In Cryptology Conference on Advances in Cryptology (CRYPTO’84).
Van Le, T., Burmester, M., and De Medeiros, B. (2007). Universally Composable and Forward-Secure RFID Authentication and Authenticated Key Exchange. In Symposium on Information, Computer and Communications Security (ASIACCS’07).
Publicado
04/10/2021
Como Citar
MAIA NETO, Antonio L.; CUNHA, Ítalo; OLIVEIRA, Leonardo B..
Uma Extensão de Framework de Análise de Protocolos de Composibilidade Universal para Acordo de Chaves com Autenticação Baseado em Identidade. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 21. , 2021, Belém.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2021
.
p. 141-154.
DOI: https://doi.org/10.5753/sbseg.2021.17312.
