Improving the ISO/IEC 11770 standard for key management techniques

Conference item

We provide the first systematic analysis of the ISO/IEC 11770 standard for key management techniques [18,19], which describes a set of key exchange, key authentication, and key transport protocols. We analyse the claimed security properties, as well as additional modern requirements on key management protocols, for 30 protocols and their variants. Our formal, tool-supported analysis of the protocols uncovers several incorrect claims in the standard. We provide concrete suggestions for improving the standard.

Authors: Cremers, C; Horvat, M

• Publication status: Published
• Peer review status: Peer reviewed
• Publisher: Springer International Publishing
• Host title: Security Standardisation Research: First International Conference, SSR 2014, London, UK, December 16-17, 2014. Proceedings
• Pages: 215-235
• Series: Lecture Notes in Computer Science
• Series number: 8893
• Publication date: 2014-11-25
• Event title: Security Standardisation Research First International Conference, SSR 2014
• Event location: London, UK
• Event start date: 2014-12-16
• Event end date: 2014-12-17
• DOI: 10.1007/978-3-319-14054-4_13
• EISSN: 1611-3349
• ISSN: 0302-9743
• EISBN: 978-3-319-14054-4
• ISBN: 978-3-319-14053-7
• Language: English
• Keywords: Forward Secrecy; Perfect Forward Secrecy; Message Authentication Code; Transport Layer Security; Entity Authentication