Symbolic encryption, in the style of Dolev-Yao models, is ubiquitous in formal security models. In its common use, encryption of a whole message is specified as a single monolithic block. From a cryptographic perspective, however, this may require a resource-intensive cryptographic algorithm, namely an authenticated encryption scheme that is secure under chosen-ciphertext attack. Therefore, many reasonable encryption schemes, such as AES in CBC or CFB mode, are not among the implementation options. In this paper, we report new attacks on CBC- and CFB-based implementations of the well-known Needham-Schroeder and Denning-Sacco protocols. To avoid such problems, we advocate the use of refined notions of symbolic encryption that have a natural correspondence to standard cryptographic encryption schemes.

| Field | Value |
|---|---|
| Title of host publication | Computer Security – ESORICS 2012: 17th European Symposium on Research in Computer Security, Pisa, Italy, September 10-12, 2012. Proceedings |
| Publication status | Published - 2012 |
| Event | 17th European Symposium on Research in Computer Security (ESORICS 2012) - Pisa, Italy. Duration: 10 Sept 2012 → 14 Sept 2012 |
| Conference | 17th European Symposium on Research in Computer Security (ESORICS 2012) |
| Period | 10/09/2012 → 14/09/2012 |
| Series | Lecture Notes in Computer Science |