Back to search

IS-DAAD-Forskerutveksl. Norge-Tyskland

Key Exchange for Today's Internet

Awarded: NOK 33,640

The modern internet infrastructure relies on key exchange and key establishment protocols for initiation of secure communications. In such protocols, two (or more) parties agree on some key material to use later on, in a way that an eavesdropper (that sees the entire transcript) cannot extract this key material - either due to the beautiful properties of public-key encryption techniques or as a result of some a priori shared information between the parties. A property widely expected of key exchange protocols is forward secrecy: if a long-term secret key of one party is corrupted then prior sessions should still remain secure. This is usually achieved using so-called "ephemeral" values instead of wholly relying on the secret key. This approach has been widely deployed for many years in diverse applications such as Transport Layer Security (TLS), instant messaging (the Signal protocol and WhatsApp, plus many others) and IPSec. Understanding and defining forward secrecy has been an ongoing research effort for many years now, and in fact numerous primitives that are related to key exchange have modelled their own flavors of forward secrecy. The proliferation of these models, some generic and some specific, have created a confusing landscape for practitioners and researchers seeking to gauge the security levels that can be achieved in their specific application. This project will focus on defining and unifying models for forward secrecy, and applying such models in Internet applications.

Funding scheme:

IS-DAAD-Forskerutveksl. Norge-Tyskland