The strong authentication property agreement, where honest agents agree on the content of all message exchanged, is introduced formally. Differences between injective and non-injective agreement are explained via a series of minimal examples. Expressing agreement using tools is also demonstrated. Differences in threat models due to public keys and symmetric keys are touched on. A large multiparty case study mixing public keys and symmetric keys based on OpenID Connect is covered in detail. Exercises lean towards the discovery of attacks and the evaluation of patches guided by secrecy and multiparty agreement properties.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Authentication by agreement

  • Reynaldo Gil-Pons,
  • Ross Horne,
  • Sjouke Mauw,
  • Felix Stutz,
  • Semen Yurkov

摘要

The strong authentication property agreement, where honest agents agree on the content of all message exchanged, is introduced formally. Differences between injective and non-injective agreement are explained via a series of minimal examples. Expressing agreement using tools is also demonstrated. Differences in threat models due to public keys and symmetric keys are touched on. A large multiparty case study mixing public keys and symmetric keys based on OpenID Connect is covered in detail. Exercises lean towards the discovery of attacks and the evaluation of patches guided by secrecy and multiparty agreement properties.