5th Security Protocols International Workshop

 7-9 April 1997, Paris, France.


Link to LNCS 1361 at Springer-Verlag.



Welcome to the proceedings of the fifth International Workshop on Security Protocols. These workshops grew from a series of informal meetings held at the University of Cambridge Computer Laboratory. Our aim has been to assemble researchers in an environment where they could discuss the limitations and omissions of current work in computer security, and the implications of these for future directions in security protocol research.

Since the publications in 1978 of the seminal paper on authentication by Roger Needham and Michael Schroeder, it has become abundantly clear that the properties which cryprographic protocols actually possess are extraordinarily fragile. One reason for this is the complex nature of the interactions between the algorithmic mechanisms used to realise the protocols on the one hand, and the high-level behaviour of the applications which the protocols are intended to support on the other. Experience also shows that it is difficult to abstract from these interactions successfully, and to describe them in a way which allows them to be reasoned about correctly.

Consequently, security failures often occur as a result of an unnoticed mismatch between the use an application makes of a security protocol and the properties which the realisation of the protocol provides.
The insights provided by these subtle constraints, and by breaking them, form the theme of this year's workshop. We hope these proceedings will enable you to share some of these insights.

We would like to thank Serge Vaudenay for the exemplary local arrengements at the Ecole Normale Superieure during the workshop.

October 1997                                                                                                                                          Mark Lomas
(Brumaire 206)                                                                                                                           Bruce Christianson
                                                                                                                                                                    Bruno Crispo
                                                                                                                                                                     Michael Roe
 


Contents

Secure Books: Protecting the Distribution of Knowledge
Ross J. Anderson, Václav Matyás Jr., Fabien A. Petitcolas
Iain E. Buchan and Rudolf Hanka.................................................................................... 1

Protocols Using Anonymous Connections: Mobile Applications
Michael G. Reed, Paul F. Syverson and David M. Goldschlag ..............................13

Receipt-Free Electronic Voting Schemes for Large Scale Elections
Tatsuaki Okamoto ..............................................................................................................25

Flexible Internet Secure Transactions Based on Collaborative Domains
Eduardo Solana, Jürgen Harms...................................................................................... 37

How to Build Evidence in a Public-Key Infrastructure for
Multi-domain Environments

Bruno Crispo ........................................................................................................................53

On Signature Schemes with Threshold Verification
Detecting Malicious Verifiers
Holger Petersen, Markus Michels................................................................................ 67

Open Key Exchange: How to Defeat Dictionary Attacks
Without Encrypting Public Keys
Stefan Lucks ........................................................................................................................79

Protocol Interactions and the Chosen Protocol Attack
John Kelsey, Bruce Schneier and David Wagner ......................................................91

Binding Bit Patterns to Real World Entities
Bruce Christianson, James A. Malcolm ....................................................................105

Breaking Public Key Cryptosystems on Tamper Resistant
Devices in the Presence of Transient Faults
Feng Bao, Robert H. Deng, Yong F. Han, Albert B.R. Jeng,
Arcot D. Narasimhalu and Teow H. Ngair ...............................................................115

Low Cost Attacks on Tamper Resistant Devices
Ross J. Anderson, Markus Kuhn ................................................................................125

Entity Authentication and Authenticated Key
Transport Protocols Employing Asymmetric Techniques
Simon Blake-Wilson, Alfred Menezes .....................................................................137

SG Logic - A Formal Analysis Technique for Authentication Protocols
Sigrid Gürgens .................................................................................................................159

How to Convert any Digital Signature Scheme into a Group
Signature Scheme
Holger Petersen .............................................................................................................177

Threshold Key-Recovery Systems for RSA
Tatsuaki Okamoto .........................................................................................................191

A Weakness of the Menezes-Vanstone Cryptosystem
Klaus Kiefer ...................................................................................................................201

On Ideal Non-perfect Secret Sharing Schemes
Pascal Paillier ...............................................................................................................207
 

Author Index.................................................................................... 217
 


Bruno Crispo

Mon Jan 26 12:21:12 GMT 1998