Abstract

The Transport Layer Security (TLS) protocol is the most important standard on the Internet for key exchange. TLS standard supports many additional handshake modes such as resumption and renegotiation besides the full handshake. The interaction and dependence of different modes may lead to some practical attacks on TLS. In 2014, Bhargavan et al. described a triple handshake attack on TLS 1.2 by exploiting the sequential running of three different modes of TLS, which can lead to a client impersonation attack after the third handshake. Subsequently, TLS 1.2 was patched with the extended master secret extension of RFC 7627 to prevent this attack. In this paper we introduce a new definition of uniqueness and present a renegotiable & resumable ACCE security model. We identify the triple handshake attack within the new model, and furthermore show TLS with the proposed fix can be proven secure in our model.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Coverage-guided differential testing of TLS implementations based on syntax mutation
Wei Lin ... Yan Pan
-
Wei Lin, et. al.Wei Lin ... Yan Pan
24 Jan 2022
Coverage-guided differential testing of TLS implementations based on syntax mutation.
Yan Pan ... Yubo He
PLOS ONE | VOL. 17
Yan Pan, et. al.Yan Pan ... Yubo He
24 Jan 2022
Key Confirmation in Key Exchange: A Formal Treatment and Implications for TLS 1.3
Marc Fischlin ... Benedikt Schmidt
-
Marc Fischlin, et. al.Marc Fischlin ... Benedikt Schmidt
01 May 2016
TLS specification changes
S Gadanayak
-
S GadanayakS Gadanayak
23 May 2005
View more papers

More From: China Communications

Paper Title
Journal
Date
Author
Deep Learning Based Signal Detection for Quadrature Spatial Modulation System
Shu Dingyun ... Peng Yuyang
China Communications | VOL. 21
Shu Dingyun, et. al.Shu Dingyun ... Peng Yuyang
01 Oct 2024
Energy Minimization for Heterogenous Traffic Coexistence with Puncturing in Mobile Edge Computing-Based Industrial Internet of Things
Wang Xue ... Fei Zixuan
China Communications | VOL. 21
Wang Xue, et. al.Wang Xue ... Fei Zixuan
01 Oct 2024
Joint User Association and Satellite Selection for Satellite-Terrestrial Integrated Networks
Qiu Wenjing ... Han Chen
China Communications | VOL. -
Qiu Wenjing, et. al.Qiu Wenjing ... Han Chen
01 Oct 2024
Joint Beam Scheduling and Power Optimization for Beam Hopping LEO Satellite Systems
Zheng Shuang ... Zhang Xing
China Communications | VOL. 21
Zheng Shuang, et. al.Zheng Shuang ... Zhang Xing
01 Oct 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.