Room 206 (2nd floor, badged access)
23 February 2023 - 11h00
How fast do you heal? A taxonomy for post-compromise security in secure-channel establishment.
by Léo Robert from LIMOS (Université Clermont Auvergne)
Abstract: * WARNING: rescheduled because of strikes with unusual time (11h) *
Post-Compromise Security (PCS) is a property of secure-channel establishment schemes, which limits the security breach of an adversary that has compromised one of the endpoint to a certain number of messages, after which the channel heals. An attractive property, especially in view of Snowden's revelation of mass-surveillance, PCS features in prominent messaging protocols such as Signal. In this talk, we introduce a framework for quantifying and comparing PCS security, with respect to a broad taxonomy of adversaries. The generality and flexibility of our approach allows us to model the healing speed of a broad class of protocols, including Signal, but also an identity-based messaging protocol named SAID, and even a composition of 5G handover protocols. We also apply the results obtained for this latter example in order to provide a quick fix, which massively improves its post-compromise security.
Candidat potentiel au poste MCF IM2AG/Verimag pour 2023.