Topic
Oakley protocol
About: Oakley protocol is a research topic. Over the lifetime, 671 publications have been published within this topic receiving 17746 citations.
Papers published on a yearly basis
Papers
6 May 2001
TL;DR: In this article, the authors present a formalism for the analysis of key exchange protocols that combines previous definitional approaches and results in a definition of security that enjoys some important analytical benefits: (i) any key exchange protocol that satisfies the security definition can be composed with symmetric encryption and authentication functions to provide provably secure communication channels.
Abstract: We present a formalism for the analysis of key-exchange protocols that combines previous definitional approaches and results in a definition of security that enjoys some important analytical benefits: (i) any key-exchange protocol that satisfies the security definition can be composed with symmetric encryption and authentication functions to provide provably secure communication channels (as defined here); and (ii) the definition allows for simple modular proofs of security: one can design and prove security of key-exchange protocols in an idealized model where the communication links are perfectly authenticated, and then translate them using general tools to obtain security in the realistic setting of adversary-controlled links.
We exemplify the usability of our results by applying them to obtain the proof of two classes of key-exchange protocols, Diffie-Hellman and key-transport, authenticated via symmetric or asymmetric techniques.
1,899 citations
14 May 2000
TL;DR: Correctness for the idea at the center of the Encrypted Key-Exchange protocol of Bellovin and Merritt is proved: it is proved security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.
Abstract: Password-based protocols for authenticated key exchange (AKE) are designed to work despite the use of passwords drawn from a space so small that an adversary might well enumerate, off line, all possible passwords. While several such protocols have been suggested, the underlying theory has been lagging. We begin by defining a model for this problem, one rich enough to deal with password guessing, forward secrecy, server compromise, and loss of session keys. The one model can be used to define various goals. We take AKE (with "implicit" authentication) as the "basic" goal, and we give definitions for it, and for entity-authentication goals as well. Then we prove correctness for the idea at the center of the Encrypted Key-Exchange (EKE) protocol of Bellovin and Merritt: we prove security, in an ideal-cipher model, of the two-flow protocol at the core of EKE.
1,659 citations
4 May 1992
TL;DR: A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
Abstract: Classic cryptographic protocols based on user-chosen keys allow an attacker to mount password-guessing attacks. A combination of asymmetric (public-key) and symmetric (secret-key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced. In particular, a protocol relying on the counter-intuitive motion of using a secret key to encrypt a public key is presented. Such protocols are secure against active attacks, and have the property that the password is protected against offline dictionary attacks. >
1,654 citations
TL;DR: A simple, efficient protocol referred to as the station-to-station (STS) protocol is introduced, examined in detail, and considered in relation to existing protocols.
Abstract: We discuss two-party mutual authentication protocols providing authenticated key exchange, focusing on those using asymmetric techniques. A simple, efficient protocol referred to as the station-to-station (STS) protocol is introduced, examined in detail, and considered in relation to existing protocols. The definition of a secure protocol is considered, and desirable characteristics of secure protocols are discussed.
1,364 citations
1 Nov 1998
TL;DR: ISAKMP ([MSST98]) provides a framework for authentication and key exchange but does not define them.
Abstract: ISAKMP ([MSST98]) provides a framework for authentication and key exchange but does not define them. ISAKMP is designed to be key exchange independant; that is, it is designed to support many different key exchanges.
1,327 citations
Related Topics (5)
Performance Metrics
| Year | Papers |
|---|---|
| 2025 | 2 |
| 2024 | 3 |
| 2023 | 4 |
| 2022 | 15 |
| 2021 | 2 |
| 2018 | 1 |