TU Darmstadt / ULB / TUbiblio

Zero Round-Trip Time for the Extended Access Control Protocol

Brendel, Jacqueline and Fischlin, Marc
Foley, Simon N. and Gollmann, Dieter and Snekkenes, Einar (eds.) (2017):
Zero Round-Trip Time for the Extended Access Control Protocol.
In: Computer Security – ESORICS 2017. 22nd European Symposium on Research in Computer Security, Proceedings, Cham, Springer International Publishing, pp. 297-314, DOI: 10.1007/978-3-319-66402-6, [Book Section]

Abstract

The Extended Access Control (EAC) protocol allows to create a shared cryptographic key between a client and a server. While originally used in the context of identity card systems and machine readable travel documents, the EAC protocol is increasingly adopted as a universal solution to secure transactions or for attribute-based access control with smart cards. Here we discuss how to enhance the EAC protocol by a so-called zero-round trip time (0RTT) mode. Through this mode the client can, without further interaction, immediately derive a new key from cryptographic material exchanged in previous executions. This makes the 0RTT mode attractive from an efficiency viewpoint such that the upcoming TLS 1.3 standard, for instance, will include its own 0RTT mode. Here we show that also the EAC protocol can be augmented to support a 0RTT mode. Our proposed EAC+0RTT protocol is compliant with the basic EAC protocol and adds the 0RTT mode smoothly on top. We also prove the security of our proposal according to the common security model of Bellare and Rogaway in the multi-stage setting.

Item Type: Book Section
Erschienen: 2017
Editors: Foley, Simon N. and Gollmann, Dieter and Snekkenes, Einar
Creators: Brendel, Jacqueline and Fischlin, Marc
Title: Zero Round-Trip Time for the Extended Access Control Protocol
Language: English
Abstract:

The Extended Access Control (EAC) protocol allows to create a shared cryptographic key between a client and a server. While originally used in the context of identity card systems and machine readable travel documents, the EAC protocol is increasingly adopted as a universal solution to secure transactions or for attribute-based access control with smart cards. Here we discuss how to enhance the EAC protocol by a so-called zero-round trip time (0RTT) mode. Through this mode the client can, without further interaction, immediately derive a new key from cryptographic material exchanged in previous executions. This makes the 0RTT mode attractive from an efficiency viewpoint such that the upcoming TLS 1.3 standard, for instance, will include its own 0RTT mode. Here we show that also the EAC protocol can be augmented to support a 0RTT mode. Our proposed EAC+0RTT protocol is compliant with the basic EAC protocol and adds the 0RTT mode smoothly on top. We also prove the security of our proposal according to the common security model of Bellare and Rogaway in the multi-stage setting.

Title of Book: Computer Security – ESORICS 2017. 22nd European Symposium on Research in Computer Security, Proceedings
Series Name: Lecture notes in computer science
Volume: 1
Number: 10492
Place of Publication: Cham
Publisher: Springer International Publishing
ISBN: 978-3-319-66401-9
Uncontrolled Keywords: cryptographic protocols / zero-RTT protocols, authenticated key exchange, extended access control protocol
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Cryptography and Complexity Theory
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
DFG-Graduiertenkollegs
DFG-Graduiertenkollegs > Research Training Group 2050 Privacy and Trust for Mobile Users
Profile Areas
Profile Areas > Cybersecurity (CYSEC)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
Event Title: Computer Security — ESORICS 2017
Event Location: Oslo, Norway
Event Dates: September 11-15, 2017
Date Deposited: 07 Aug 2017 13:19
DOI: 10.1007/978-3-319-66402-6
Additional Information:

Privacy and Trust for Mobile Users specific fields== Involved Privacy and Trust sub-projects: D.2; Solutions; S4

Identification Number: TUD-CS-2017-0212
Export:

Optionen (nur für Redakteure)

View Item View Item