Sciweavers

CRYPTO
2005
Springer

Secure Communications over Insecure Channels Based on Short Authenticated Strings

14 years 4 months ago
Secure Communications over Insecure Channels Based on Short Authenticated Strings
Abstract. We propose a way to establish peer-to-peer authenticated communications over an insecure channel by using an extra channel which can authenticate very short strings, e.g. 15 bits. We call this SAS-based authentication as for authentication based on Short Authenticated Strings. The extra channel uses a weak notion of authentication in which strings cannot be forged nor modified, but whose delivery can be maliciously stalled, canceled, or replayed. Our protocol is optimal and relies on an extractable or equivocable commitment scheme. This approach offers an alternative (or complement) to public-key infrastructures, since we no longer need any central authority, and to password-based authenticated key exchange, since we no longer need to establish a confidential password. It can be used to establish secure associations in ad-hoc networks. Applications could be the authentication of a public key (e.g. for SSH or PGP) by users over the telephone, the user-aided pairing of wirele...
Serge Vaudenay
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where CRYPTO
Authors Serge Vaudenay
Comments (0)