Digital Security Department Talk : Non-Interactive Forward Secrecy for Key Exchange

Prof. Colin Boyd - Professor at NTNU - Norwegian University of Science and Technology
Digital Security

Date: June 5th 2019
Location: Eurecom - Eurecom

Title: Non-Interactive Forward Secrecy for Key Exchange. Abstract: Once viewed as an optional extra, in the post-Snowden era forward secrecy has become widely regarded as a necessity for key exchange protocols. It means that an adversary who obtains long-term keys of protocol participants should not be able to obtain the session key of a session which has completed. Forward secrecy is today usually provided for online communications using the widely deployed TLS protocol, but becomes more difficult to achieve in person-to-person communications such as email, instant messaging, and peer-to-peer file sharing. This is because such scenarios are not interactive (asynchronous) and therefore different solutions are required. In this talk I will (i) discuss the meaning and importance of forward secrecy and why interaction is relevant; (ii) describe three different ways to achieve forward secrecy in asynchronous (non-interactive) protocols; (iii) consider how to compare the security and practicality of different solutions. This talk includes joint work with Gareth T. Davies, Kristian Gjøsteen and Yao Jiang funded by the Norwegian Research Council. Biography : Colin Boyd completed a Ph.D. in Mathematics in 1985 at the University of Warwick, UK. After 5 years at British Telecom Research Laboratories, where he first became interested in cryptography and information security, he started an academic career at University of Manchester. In 1995 he emigrated to Australia and spent 18 years at Queensland University of Technology (QUT). During this time he became Research Director at the QUT Information Security Institute. In 2013 he returned to Europe, taking up a position as Professor in Information Security at the Norwegian University of Science and Technology (NTNU). His main research interests are in cryptographic protocols, especially key exchange.

Permalink: https://www.eurecom/seminar/89003