Security Proofs for Protocols Involving Humans

We introduce the notion of human-followable security wherein a human user can understand the process and logic behind cryptographic authentication protocols. We use Transport Layer Security, a widely used protocol, as an example to explain why human-followable security is required. From there, we define the notion of human-perceptible freshness and build on recent work by Jager et al. to provide a protocol security model incorporating this notion. We show how to transform existing authentication protocols into protocols with human-followable security and prove that this transformation turns protocols secure in the sense of Jager et al. into protocols secure in our extended model.

[1] Donald E. Knuth et al. The Art of Computer Programming, Vol. 2, 1981.

[2] Victor Shoup et al. Sequences of games: a tool for taming complexity in security proofs, 2004, IACR Cryptol. ePrint Arch.

[3] John Langford et al. CAPTCHA: Using Hard AI Problems for Security, 2003, EUROCRYPT.

[4] Ran Canetti et al. Advances in Cryptology – CRYPTO 2012, 2012, Lecture Notes in Computer Science.

[5] Jitendra Malik et al. Recognizing objects in adversarial clutter: breaking a visual CAPTCHA, 2003, 2003 IEEE Computer Society Conference on Computer Vision and Pattern Recognition, 2003. Proceedings.

[6] Carl M. Ellison et al. Ceremony Design and Analysis, 2007, IACR Cryptol. ePrint Arch.

[7] Kenneth G. Paterson et al. Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol, 2011, ASIACRYPT.

[8] Colin Boyd et al. CHURNs: Freshness Assurance for Humans, 2015, Comput. J.

[9] Colin Boyd et al. Formalising Human Recognition: a Fundamental Building Block for Security Proofs, 2014, AISC.

[10] Ran Canetti et al. Advances in Cryptology – CRYPTO 2013, 2013, Lecture Notes in Computer Science.

[11] Cristina Nita-Rotaru et al. How Secure and Quick is QUIC? Provable Security and Performance Analyses, 2015, 2015 IEEE Symposium on Security and Privacy.

[12] Hugo Krawczyk et al. Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels, 2001, EUROCRYPT.

[13] Marti A. Hearst et al. Why phishing works, 2006, CHI.

[14] John C. Mitchell et al. Text-based CAPTCHA strengths and weaknesses, 2011, CCS '11.

[15] Kenneth G. Paterson et al. On the Security of the TLS Protocol: A Systematic Analysis, 2013, IACR Cryptol. ePrint Arch.

[16] M. Angela Sasse et al. Users are not the enemy, 1999, CACM.

[17] Eli Biham et al. Advances in Cryptology — EUROCRYPT 2003, 2003, Lecture Notes in Computer Science.

[18] Manuel Blum et al. Secure Human Identification Protocols, 2001, ASIACRYPT.

[19] Ahmad-Reza Sadeghi et al. On the (In)Security of Mobile Two-Factor Authentication, 2014, Financial Cryptography.

[20] Ahmad-Reza Sadeghi et al. Provably secure browser-based user-aware mutual authentication over TLS, 2008, ASIACCS '08.

[21] Colin Boyd et al. "Who decides?": security and privacy in the wild, 2013, OZCHI.

[22] John P. Steinberger et al. The preimage security of double-block-length compression functions, 2011, IACR Cryptol. ePrint Arch.

[23] Robert Biddle et al. Browser interfaces and extended validation SSL certificates: an empirical study, 2009, CCSW '09.

[24] Frank Stajano et al. Password-Manager Friendly (PMF): Semantic Annotations to Improve the Effectiveness of Password Managers, 2014, PASSWORDS.

[25] Tatu Ylönen et al. The Secure Shell (SSH) Protocol Architecture, 2006, RFC.

[26] Donald Ervin Knuth et al. The Art of Computer Programming, 1968.

[27] Steven M. Bellovin et al. Encrypted key exchange: password-based protocols secure against dictionary attacks, 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[28] Colin Boyd et al. Protocols for Authentication and Key Establishment, 2003, Information Security and Cryptography.

[29] Serge Vaudenay et al. Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS, 2002, EUROCRYPT.

[30] J. Doug Tygar et al. Phish and HIPs: Human Interactive Proofs to Detect Phishing Attacks, 2005, HIP.

[31] Tibor Jager et al. On the Security of TLS-DHE in the Standard Model, 2012, CRYPTO.

[32] Kenneth G. Paterson et al. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols, 2013, 2013 IEEE Symposium on Security and Privacy.

[33] Mihir Bellare et al. Entity Authentication and Key Distribution, 1993, CRYPTO.