Cryptographic analysis of the message layer security protocol in the static corruption model

Thumbnail Image

Files

master_Cornelissen_Eric_2020.pdf (10.19 MB)

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2020-06-16

Department

Major/Subject

Security and Cloud Computing

Mcode

DDA-SECCLO

Degree programme

Master’s Programme in Security and Cloud Computing (SECCLO)

Language

en

Pages

77 + 19

Series

Abstract

Existing cryptographic protocols achieve a range of security guarantees such as secrecy and authentication. However, most protocols are designed for one-to-one communication and protocols for group communication are less common, often less efficient, and typically provide fewer security guarantees. This is because group communication poses unique challenges, such as coordinated key updates and changes to group membership, that complicate the protocol design. Still, group communication is common in messaging applications and often security is sacrificed for efficiency. The IETF created a working group with the goal of bridging this gap by developing a standard for a continuous asynchronous key-exchange protocol for dynamic groups that is secure and remains efficient for large group sizes. This thesis provides a cryptographic analysis of TreeKEM and the key schedule present in draft 8 of the Message Layer Security (MLS) protocol RFC. The analysis is carried out using the State Separating Proofs methodology. We show that both the keys produced by TreeKEM and the key schedule of MLS are pseudorandom in the static adversarial model given standard assumptions on Pseudorandom Functions, Key Derivation Functions, and Public-Key Encryption, giving concrete security bounds for both.

Description

Supervisor

Brzuska, Christopher

Thesis advisor

Kohbrok, Konrad

Keywords

protocol analysis, state separating proofs, message layer security, TreeKEM

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202006213923

Collections

[dipl] Perustieteiden korkeakoulu / SCI