Showing papers by "Tadayoshi Kohno published in 2002"
18 Nov 2002
TL;DR: This paper proposes several fixes to the SSH protocol and, using techniques from modern cryptography, proves that their modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements.
Abstract: The Secure Shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. Unfortunately, the current SSH authenticated encryption mechanism is insecure. In this paper we propose several fixes to the SSH protocol and, using techniques from modern cryptography, we prove that our modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements. Furthermore, our proposed fixes will require relatively little modification to the SSH protocol or to SSH implementations. We believe that our new notions of privacy and integrity for encryption schemes with stateful decryption algorithms will be of independent interest.
131 citations
TL;DR: A prototyped solution is described that allows for more rigorous analysis of C and C++ source code without failing to analyze parts of the program due to preprocessor conditionals.
Abstract: We describe ITS4, a tool for statically scanning C and C++ source code for security vulnerabilities. Compared to other approaches, our scanning technique stakes out a new middle ground between accuracy and efficiency. This method is efficient enough to offer real-time feedback to developers during coding while producing few false negatives. Unlike other techniques, our method is also simple enough to scan C++ code despite the complexities inherent in the language. Using ITS4, we found new remotely exploitable vulnerabilities in a widely distributed software package as well as in a major piece of e-commerce software. We also describe functionality in more recent tools modeled after ITS4, and discuss algorithms that could easily be used to augment these kinds of tools. In particular, we describe a solution we have prototyped that allows for more rigorous analysis of C and C++ source code, without failing to analyze parts of the program due to preprocessor conditionals.
48 citations
TL;DR: Several attacks based on a new protocol-level related-key attack against RMAC are presented; they can be considered variants of Biham's key-collision attack (Bih02).
Abstract: In (JJV02) Jaulmes, Joux, and Valette propose a new randomized message authentication scheme, called RMAC, which NIST is currently in the process of standardizing (NIS02). In this work we present several attacks against RMAC. The attacks are based on a new protocol-level related-key attack against RMAC and can be considered variants of Biham's key-collision attack (Bih02). These attacks provide insights into the RMAC design. We believe that the protocol-level related-key attack is of independent interest.
6 citations
01 Jan 2002
TL;DR: This paper proposes several fixes to the SSH protocol and, using techniques from modern cryptography, proves that their modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements.
Abstract: The Secure Shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. Unfortunately, the current SSH authenticated encryption mechanism is insecure. In this paper we propose several fixes to the SSH protocol and, using techniques from modern cryptography, we prove that our modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements. Furthermore, our proposed fixes will require relatively little modification to the SSH protocol (or to SSH implementations). We believe that our new notions of privacy and integrity for encryption schemes with stateful decryption algorithms will be of independent interest.
5 citations
19 Feb 2002
TL;DR: A solution is proposed that reduces a content distributor's risk of piracy, and the notion and severity of a generic attack are raised in the context of Adams and Zuccherato's Privilege Management Infrastructure.
Abstract: This article addresses a problem with copy-protecting a large collection of electronic content. The notion and severity of a generic attack are raised in the context of Adams and Zuccherato's Privilege Management Infrastructure. A solution is then proposed that reduces a content distributor's risk of piracy.
4 citations
TL;DR: The Secure Shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet; however, as the authors discuss, the current SSH authenticated encryption mechanism is insecure and vulnerable to attacks.
Abstract: The Secure Shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. Unfortunately, the current SSH authenticated encryption mechanism is insecure. In this paper, we propose several fixes to the SSH protocol and, using techniques from modern cryptography, we prove that our modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements. Furthermore, our proposed fixes will require relatively little modification to the SSH protocol and to SSH implementations. We believe that our new notions of privacy and integrity for encryption schemes with stateful decryption algorithms will be of independent interest.
3 citations