Title: Undermining key exchange
Affiliation: University of Waterloo
There are many ways to undermine systems that rely on cryptography. An attacker could of course try to find flaws in the hardware and software implementing the system, or find mathematical weaknesses in the cryptographic algorithms. But a more subtle attacker may try to *introduce* flaws: inserting backdoors into cryptographic standards, or surreptitiously replacing software or hardware implementations, which are called "algorithm substitution attacks". One goal of algorithm substitution attacks is "kleptography": leaking a secret key from an implementation to an external adversary. This talk will investigate algorithm substitution attacks on key exchange protocols, which play a central role in establishing secure communication channels. We will explore how some traditional security goals of key exchange, such as forward secrecy, inherently conflict with the ability to detect algorithm substitution attacks.
This talk is based on work in progress with Mihir Bellare, Kenny Paterson, and Joanne Woodage.