Authenticated key exchange protocols in three parties

Abstract : In this thesis, we study the security of authentication and key exchange protocols when they are proxied through a semi-trusted third party is required. We begin by focusing on the security of the UMTS/LTE AKA protocol, when the different versions of this protocol are used to establish a secure channel across a radio access link in 3G and 4G mobile networks. We first describe some security and privacy weaknesses during the execution of the EPS- and UMTS-AKA protocols. Then, several practical solutions are proposed, guaranteeing better security and privacy for this protocol in both 3G and 4G scenarios. Secondly, we focus on computer networks, more precisely on the use of the Keyless SSL in proxying over HTTPS. A security model including the different various, specific security requirements from the web delivery context has been established. We also identify and discuss various weaknesses in the structure of Keyless SSL. Finally, we propose an improvement of Keyless SSL over TLS 1.2, and describe how Keyless SSL could work securely for the new TLS 1.3 protocol version.
Document type :
Theses
Complete list of metadatas

Cited literature [66 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-01661412
Contributor : Abes Star <>
Submitted on : Monday, December 11, 2017 - 11:30:16 PM
Last modification on : Monday, May 6, 2019 - 11:57:57 AM

File

RICHARD_Benjamin.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01661412, version 1

Citation

Benjamin Richard. Authenticated key exchange protocols in three parties. Cryptography and Security [cs.CR]. Université Rennes 1, 2017. English. ⟨NNT : 2017REN1S037⟩. ⟨tel-01661412⟩

Share

Metrics

Record views

904

Files downloads

414