Organizer: Marc Fischlin
The Transport Layer Security (TLS) protocol is inarguably one of the most important confidential communication protocols in use today. Recent advances in provable security have allowed researchers to show that most combinations of key-exchange, digital signature, authenticated encryption and hashing schemes (referred to as a ciphersuite) used in TLS are secure authenticated and confidential channel establishment (ACCE) protocols. However, these results analyse ciphersuites in isolation, and modern attacks have shown that additionally supporting weaker ciphersuites can have devastating effects on security. This talk aims to define security notions for securely negotiating elements of key-exchange protocols, such as ciphersuites or version, and to relate security of negotiation to security of ACCE protocols with additional conditions. We discuss the results of applying this approach to modelling negotiation in the TLS protocol.
Ben Dowling graduated in mathematics from The University of Queensland before moving to Queensland University of Technology to complete a Masters in Mathematical Science. He is currently a Ph.D. candidate at QUT focusing on provable security of practical internet protocols, and his supervisors include Dr Douglas Stebila of QUT and Prof Colin Boyd of Norwegian University of Science and Technology. Ben has worked with researchers at both TU Darmstadt and RU Bochum, and published at CCS 2014 and ACISP 2015.