Security Analysis of the MLS Key Derivation

Chris Brzuska, Eric Cornelissen, Konrad Kohbrok

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference contributionScientificvertaisarvioitu

1 Sitaatiot (Scopus)
23 Lataukset (Pure)

Abstrakti

Cryptographic communication protocols provide confidentiality, integrity and authentication properties for end-to-end communication under strong corruption attacks, including, notably, post-compromise security (PCS). Most protocols are designed for one-to-one communication. Protocols for group communication are less common, less efficient, and tend to provide weaker security guarantees. This is because group communication poses unique challenges, such as coordinated key updates, changes to group membership and complex post-compromise recovery procedures. We need to tackle this complex challenge as a community. Thus, the Internet Engineering Task Force (IETF) has created a working group with the goal of developing a sound standard for a continuous asynchronous key-exchange protocol for dynamic groups that is secure and remains efficient for large group sizes. The current version of the Messaging Layer Security (MLS) security protocol is in a feature freeze, i.e., no changes are made in order to provide a stable basis for cryptographic analysis. The key schedule and TreeKEM design are of particular concern since they are crucial to distribute and combine several keys to achieve PCS. In this work, we study the MLS continuous group key derivation (CGKD) which comprises the MLS key schedule, TreeKEM and their composition, as specified in Draft 11 of the MLS RFC, while abstracting away signatures, message flow and authentication guarantees. We establish the uniqueness and key indistinguishability properties of the MLS CGKD as computational security properties.

AlkuperäiskieliEnglanti
OtsikkoProceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022
KustantajaIEEE
Sivut2535-2553
Sivumäärä19
ISBN (elektroninen)978-1-6654-1316-9
DOI - pysyväislinkit
TilaJulkaistu - 2022
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaIEEE Symposium on Security and Privacy - San Francisco, Yhdysvallat
Kesto: 23 toukok. 202225 toukok. 2022
Konferenssinumero: 43

Julkaisusarja

NimiProceedings - IEEE Symposium on Security and Privacy
KustantajaIEEE
Vuosikerta2022-May
ISSN (painettu)1081-6011
ISSN (elektroninen)2357-1207

Conference

ConferenceIEEE Symposium on Security and Privacy
LyhennettäSP
Maa/AlueYhdysvallat
KaupunkiSan Francisco
Ajanjakso23/05/202225/05/2022

Sormenjälki

Sukella tutkimusaiheisiin 'Security Analysis of the MLS Key Derivation'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä