Security Agility Solution Independent of the Underlaying Protocol Architecture

Cryptographic protocols are constantly exposed to new attack methods. When a cryptographic protocol is compromised, it needs to be replaced. This is difficult because most cryptographic protocols are hard-coded in applications. Applications should instead implement a way of negotiating the cryptographic protocols they use, so that old and vulnerable protocols can be easily replaced with new ones. The agile cryptographic negotiation protocol (ACNP) proposed in this paper is a layer-agnostic, robust solution that can be deployed to provide cryptographic agility and greatly improve security. It adds minimal communication overhead and is a universal and secure solution, independent of the communication layer and of the application that uses it.
