Shan Chen
Ph.D. student in Computer Science
School of Computer Science
College of Computing
Georgia Institute of Technology

Date: Wednesday, April 24, 2019
Time: 1:30 - 3:30 pm (EDT)
Location: Klaus 3402

Committee:
------------
Dr. Alexandra Boldyreva (Advisor, School of Computer Science, Georgia Institute of Technology)
Dr. Mustaque Ahamad (School of Computer Science, Georgia Institute of Technology)
Dr. Vladimir Kolesnikov (School of Computer Science, Georgia Institute of Technology)


Abstract:
-----------

Secure channel establishment protocols such as TLS are some of the most important cryptographic protocols, enabling the encryption of nearly half of all Internet traffic. Recently, there have been many formal security analyses for the most important low-latency protocols: the just-released TLS 1.3 and a relatively recent secure transport protocol QUIC from Google that is available in the Chrome browser. But their security, when layered with their underlying transport protocols, cannot be easily compared. The first work I will present in the proposal tries to solve this problem.

After establishing a secure channel, a user often logs in to a server by typing in a password. But if the user’s terminal has been fully compromised, the password will be leaked and his future communications cannot be protected. This problem is addressed by the second work I will present, which constructs the first user authentication and key exchange protocols that can tolerate strong corruptions on the client-side.

The above protocol handled strong corruptions but still requires the user to type in some one-time password on the terminal, which is not very efficient. Recently, the Fast Identity Online (FIDO) Alliance has been working on a password-free user authentication standard called FIDO2. I will finally present our ongoing work on FIDO2 security analysis.