Detecting Key-Dependencies


Dini, Gianluca and Helme, Arne and Stabell-Kulo, Tage (1998) Detecting Key-Dependencies. In: 3rd Australasian Conference on Information Security and Privacy, ACISP 1998, July 13-15, 1998, Brisbane, Queensland, Australia.

open access
Abstract:The confidentiality of encrypted data depends on how well the key under which it was encrypted is maintained. If a session key was exchanged encrypted under a long-term key, exposure of the long-term key may reveal the session key and hence the data encrypted with it. The problem of key-dependencies between keys can be mapped onto connectivity of a graph, and the resulting graph can be inspected. This article presents a structured method (an algorithm) with which key-dependencies can be detected and analysed. Several well-known protocols are examined, and it is shown that they are vulnerable to certain attacks exploiting key-dependencies. Protocols which are free from this defect do exist. That is, when a session is terminated it is properly closed.
Item Type:Conference or Workshop Item
Copyright:© 1998 Springer-Verlag
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:
Official URL:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page