Cryptographic Analysis of the Message Layer Security Protocol in the Static Corruption Model

Loading...
Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu | Master's thesis
Date
2020-06-16
Department
Major/Subject
Security and Cloud Computing
Mcode
DDA-SECCLO
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
77 + 19
Series
Abstract
Existing cryptographic protocols achieve a range of security guarantees such as secrecy and authentication. However, most protocols are designed for one-to-one communication and protocols for group communication are less common, often less efficient, and typically provide fewer security guarantees. This is because group communication poses unique challenges, such as coordinated key updates and changes to group membership, that complicate the protocol design. Still, group communication is common in messaging applications and often security is sacrificed for efficiency. The IETF created a working group with the goal of bridging this gap by developing a standard for a continuous asynchronous key-exchange protocol for dynamic groups that is secure and remains efficient for large group sizes. This thesis provides a cryptographic analysis of TreeKEM and the key schedule present in draft 8 of the Message Layer Security (MLS) protocol RFC. The analysis is carried out using the State Separating Proofs methodology. We show that both the keys produced by TreeKEM and the key schedule of MLS are pseudorandom in the static adversarial model given standard assumptions on Pseudorandom Functions, Key Derivation Functions, and Public-Key Encryption, giving concrete security bounds for both.
Description
Supervisor
Brzuska, Christopher
Thesis advisor
Kohbrok, Konrad
Keywords
protocol analysis, state separating proofs, message layer security, TreeKEM
Other note
Citation