ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Just fast keying: Key agreement in a hostile internet
Full text PdfPdf (324 KB)
Source ACM Transactions on Information and System Security (TISSEC) archive
Volume 7 ,  Issue 2  (May 2004) table of contents
Pages: 242 - 273  
Year of Publication: 2004
ISSN:1094-9224
Authors
William Aiello  AT&T Labs Research
Steven M. Bellovin  AT&T Labs Research
Matt Blaze  AT&T Labs Research
Ran Canetti  IBM T. J. Watson Research Center
John Ioannidis  AT&T Labs Research
Angelos D. Keromytis  Columbia University, New York, NY
Omer Reingold  AT&T Labs Research
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 13,   Downloads (12 Months): 117,   Citation Count: 7
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/996943.996946
What is a DOI?

ABSTRACT

We describe Just Fast Keying (JFK), a new key-exchange protocol, primarily designed for use in the IP security architecture. It is simple, efficient, and secure; we sketch a proof of the latter property. JFK also has a number of novel engineering parameters that permit a variety of tradeoffs, most notably the ability to balance the need for perfect forward secrecy against susceptibility to denial-of-service attacks.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
William Aiello , Steven M. Bellovin , Matt Blaze , John Ioannidis , Omer Reingold , Ran Canetti , Angelos D. Keromytis, Efficient, DoS-resistant, secure key exchange for internet protocols, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA  [doi>10.1145/586110.586118]
 
2
Arsenault, A. and Farrell, S. 2001. Securely available credentials---requirements. Request for Comments 3157, Internet Engineering Task Force (Aug.).
 
3
Tuomas Aura , Pekka Nikander, Stateless connections, Proceedings of the First International Conference on Information and Communication Security, p.87-97, November 11-14, 1997
 
4
Tuomas Aura , Pekka Nikander , Jussipekka Leiwo, DOS-Resistant Authentication with Client Puzzles, Revised Papers from the 8th International Workshop on Security Protocols, p.170-177, April 03-05, 2000
 
5
Aziz, A. 1996. SKIP extension for perfect forward secrecy (PFS). Internet Draft, Internet Engineering Task Force (Aug.).
 
6
Aziz, A. and Patterson, M. 1995. Simple key management for internet protocols (SKIP). In Proceedings of the 1995 INET Conference.
 
7
Mihir Bellare , Phillip Rogaway, Entity authentication and key distribution, Proceedings of the 13th annual international cryptology conference on Advances in cryptology, p.232-249, January 1994, Santa Barbara, California, United States
 
8
Ran Canetti , Hugo Krawczyk, Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, p.453-474, May 06-10, 2001
 
9
Ran Canetti , Hugo Krawczyk, Security Analysis of IKE's Signature-Based Key-Exchange Protocol, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, p.143-161, August 18-22, 2002
 
10
Ran Canetti , Hugo Krawczyk, Universally Composable Notions of Key Exchange and Secure Channels, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology, p.337-351, May 02, 2002
 
11
CERT. 1996. Advisory CA-96.21: TCP SYN Flooding. Available at ftp://info.cert.org/pub/cert_advisories/CA-96.21.tcp_syn_flooding.
 
12
Dierks, T. and Allen, C. 1999. The TLS Protocol Version 1.0. Request for Comments (Proposed Standard) 2246, Internet Engineering Task Force (Jan.).
 
13
Whitfield Diffie , Paul C. Van Oorschot , Michael J. Wiener, Authentication and authenticated key exchanges, Designs, Codes and Cryptography, v.2 n.2, p.107-125, June 1992  [doi>10.1007/BF00124891]
 
14
Ferguson, N. and Schneier, B. 1999. A Cryptographic Evaluation of IPSec. Available at http://www.counterpane.com/ipsec.html.
 
15
Li Gong, Efficient network authentication protocols: lower bounds and optimal implementations, Distributed Computing, v.9 n.3, p.131-145, December 1995  [doi>10.1007/s004460050015]
 
16
Christoph G. Günther, An identity-based key-exchange protocol, Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, p.29-37, November 1990, Houthalen, Belgium
 
17
Gustafson, D., Just, M., and Nystrom, M. 2001. Securely available credentials---Credential server framework. Internet Draft, Internet Engineering Task Force (Aug.). Work in progress.
 
18
Harkins, D. and Carrel, D. 1998. The internet key exchange (IKE). Request for Comments (Proposed Standard) 2409, Internet Engineering Task Force (Nov.).
 
19
Harkins, D., Kaufman, C., Kent, S., Kivinen, T., and Perlman, R. 2002. Proposal for the IKEv2 protocol. Internet Draft, Internet Engineering Task Force (April). Work in progress.
 
20
Heberlein, L. and Bishop, M. 1996. Attack class: Address spoofing. In Proceedings of the 19th National Information Systems Security Conference. 371--377.
 
21
Shouichi Hirose , Kanta Matsuura, Enhancing the Resistence of a Provably Secure Key Agreement Protocol to a Denial-of-Service Attack, Proceedings of the Second International Conference on Information and Communication Security, p.169-182, November 09-11, 1999
 
22
Hoffman, P. 2002. Features of proposed successors to IKE. Internet Draft, Internet Engineering Task Force (April). Work in progress.
 
23
IEEE. 1993. Entity Authentication Mechanisms---Part 3: Entity Authentication Using Asymmetric Techniques. Tech. Rep. ISO/IEC IS 9798-3, ISO/IEC.
 
24
Markus Jakobsson , Ari Juels, Proofs of Work and Bread Pudding Protocols, Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security, p.258-272, September 20-21, 1999
 
25
P. Janson , G. Tsudik , M. Yung, Scalability and Flexibility in Authentication Services: The KryptoKnight Approach, Proceedings of the INFOCOM '97. Sixteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Driving the Information Revolution, p.725, April 09-11, 1997
 
26
Juels, A. and Brainard, J. 1999. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proceedings of the Network and Distributed Systems Security Symposium (NDSS &99). 151--165.
 
27
Karn, P. and Simpson, W. 1999. Photuris: Session-key management protocol. Request for Comments 2522, Internet Engineering Task Force (Mar.).
 
28
Kaufman, C. et al. 2001. Code-preserving Simplifications and Improvements to IKE. Internet Draft, Internet Engineering Task Force (July). Work in progress.
 
29
Kaufman, C. and Perlman, R. 2000. Analysis of IKE. In IEEE Trans. Netw. Comput. (Nov.).
 
30
H. Krawczyk, SKEME: a versatile secure key exchange mechanism for Internet, Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS '96), p.114, February 22-23, 1996
 
31
Krawczyk, H. 2002. Invited Talk. SIGMA: the SIGn-and-MAc approach to authenticated Diffie--Hellman and its use in the IKE protocols. In Proceedings of the Crypto Conference.
 
32
Krawczyk, H., Bellare, M., and Canetti, R. 1997. HMAC: keyed-hashing for message authentication. Request for Comments 2104, Internet Engineering Task Force (Feb.).
 
33
Jussipekka Leiwo , Tuomas Aura , Pekka Nikander, Towards Network Denial of Service Resistant Protocols, Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures, p.301-310, August 22-24, 2000
 
34
Matsuura, K. and Imai, H. 1999. Resolution of ISAKMP/Oakley key-agreement protocol resistant against denial-of-service attack. In Proceedings of Internet Workshop (IWS &99). 17--24.
 
35
Matsuura, K. and Imai, H. 2000. Modified aggressive mode of Internet key exchange resistant against denial-of-service attacks. IEICE Trans. Inf. Syst. E83-D, 5 (May), 972--979.
 
36
Maughan, D., Schertler, M., Schneider, M., and Turner, J. 1998. Internet security association and key management protocol (ISAKMP). Request for Comments (Proposed Standard) 2408, Internet Engineering Task Force (Nov.).
 
37
Meadows, C. 1999a. Analysis of the Internet key exchange protocol using the NRL protocol analyzer. In Proceedings of the IEEE Symposium on Security and Privacy. 216--231.
 
38
Catherine Meadows, A Formal Framework and Evaluation Method for Network Denial of Service, Proceedings of the 1999 IEEE Computer Security Foundations Workshop, p.4, June 28-30, 1999
 
39
Meadows, C. 2000. Open issues in formal methods for cryptographic protocol analysis. In Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX 2000). IEEE Computer Society Press, 237--250.
 
40
Miller, S. P., Neuman, B. C., Schiller, J. I., and Saltzer, J. H. 1987. Kerberos Authentication and Authorization System. Tech. Rep., MIT (Dec.).
 
41
Moskowitz, R. 2001. The Host Identity Payload. Internet Draft, Internet Engineering Task Force (July). Work in progress.
 
42
Rolf Oppliger, Protecting Key Exchange and Management Protocols Against Resource Clogging Attacks, Proceedings of the IFIP TC6/TC11 Joint Working Conference on Secure Information Networks: Communications and Multimedia Security, p.163-175, September 20-21, 1999
 
43
Christoph L. Schuba , Ivan V. Krsul , Markus G. Kuhn , Eugene H. spafford , Aurobindo Sundaram , Diego Zamboni, Analysis of a Denial of Service Attack on TCP, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.208, May 04-07, 1997
 
44
Sheffer, Y., Krawczyk, H., and Aboba, B. 2001. PIC, a pre-IKE credential provisioning protocol. Internet Draft, Internet Engineering Task Force (Nov.). Work in progress.
 
45
Simpson, W. A. 1999. IKE/ISAKMP Considered Harmful. USENIX; login: (Dec.).

CITED BY  7
Alwyn Goodloe , Carl A. Gunter , Mark-Oliver Stehr, Formal prototyping in early stages of protocol design, Proceedings of the 2005 workshop on Issues in the theory of security, p.67-80, January 10-11, 2005, Long Beach, California
J. Smith , J. M. González-Nieto , C. Boyd, Modelling denial of service attacks on JFK with Meadows's cost-based framework, Proceedings of the 2006 Australasian workshops on Grid computing and e-research, p.125-134, January 16-19, 2006, Hobart, Tasmania, Australia
Daniel Socek , Michal Sramka , Oge Marques , Dubravko Ćulibrk, An improvement to a biometric.based multimedia content protection scheme, Proceeding of the 8th workshop on Multimedia and security, September 26-27, 2006, Geneva, Switzerland
Martín Abadi , Bruno Blanchet , Cédric Fournet, Just fast keying in the pi calculus, ACM Transactions on Information and System Security (TISSEC), v.10 n.3, p.9-es, July 2007
Bryan Ford, Structured streams: a new transport abstraction, ACM SIGCOMM Computer Communication Review, v.37 n.4, October 2007
Janne Lindqvist , Juha-Matti Tapio, Protecting privacy with protocol stack virtualization, Proceedings of the 7th ACM workshop on Privacy in the electronic society, October 27-27, 2008, Alexandria, Virginia, USA
Chwan Hwa John Wu , Tong Liu, Simulation for intrusion-resilient, DDoS-resistant authentication system (IDAS), Proceedings of the 2008 Spring simulation multiconference, April 14-17, 2008, Ottawa, Canada

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General


General Terms:
Reliability, Security, Standardization


Keywords:
Cryptography, denial-of-service attacks

Collaborative Colleagues:
William Aiello: colleagues
Steven M. Bellovin: colleagues
Matt Blaze: colleagues
Ran Canetti: colleagues
John Ioannidis: colleagues
Angelos D. Keromytis: colleagues
Omer Reingold: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player