Advanced search
Publication Cover
Cryptologia Volume 41, 2017 - Issue 1
Submit an article Journal homepage
176
Views
2
CrossRef citations to date
0
Altmetric
Articles

Chaum's protocol for detecting man-in-the-middle: Explanation, demonstration, and timing studies for a text-messaging scenario

Alan T. ShermanCorrespondence[email protected]
,
John Seymour
,
Akshayraj Kore
&
William Newton
Pages 29-54 | Received 22 Aug 2015, Accepted 28 Nov 2015, Published online: 11 May 2016

References

  • Abdo, A. Y., Overton, A. J., Garms, J., and Parsons, J. E. Jr. Automatic re-authentication, U.S. Patent Application Publication 2006/0117106 A1: (1 June 2006) 1–13.
  • Barak, B., Canetti, R., Lindell, Y., Pass, R., and Rabin, T. 2005. Secure computation without authentication. Advances in Cryptology: Proceedings of Crypto 2005. (ed. Shoup, V.), Vol. LNCS 3621. Springer-Verlag.
  • Blake-Wilson, S., and Menezes, A. 1999. Authenticated Diffie-Hellman key agreement protocols. Selected Areas in Cryptography (SAC) ’98. In: Tavares, S., and Meijer, H., (ed.) Vol. LNCS 1556. Springer-Verlag.
  • Blake-Wilson, S., Johnson, D., and Menezes, A. 1997. Key agreement protocols and their security analysis. Cryptography and Coding: 6th IMA International Conference Cirencester. In: Darnell, M., (ed.) Vol. LNCS 1355, Springer-Verlag.
  • Chaum, D. 2006. Distributed communication security systems, U.S. Patent Application Publication 2006/0218636 A1: (September 28), 1–19.
  • Cremers, C. J. F. Pascal Lafourcade, and Philippe Nadeau 2009. Comparing state spaces in automatic security protocol analysis. Formal to Practical Security. In: Cortier, V., et al., (ed.), vol. LNCS 5458, Springer-Verlag.
  • Cyber Defense Lab Animation of Chaum’s protocol for detecting a man-in-the-middle http://youtu.be/SKQQiPtmmJk (accessed 21 February 2015).
  • Dierks, T. and Rescorla, E. (August 2008). The Transport Layer Security (TLS) Protocol Version 1.2, RFC 5246, Internet Engineering Task Force 1–104.
  • Doghmi, S. F., Guttman, J. D., and Thayer, F. J., March 2007. Searching for shapes in cryptographic protocols. International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS). In: Grumberg and Huth, (ed.) vol. LNCS 4424, Springer-Verlag, Extended version at http://eprint.iacr.org/2006/435.
  • Drago, I., Mellia, M., Munafò, M. M., Sperotto, A., Sadre, R., and Pras, A. 2012. Inside Dropbox: Understanding personal cloud storage services, In: Proceedings of the 2012 ACM Conference on Internet Measurement (IMC ’12). Boston, MA ACM.
  • Dyn Research. 2013. The new threat: Targeted Internet traffic misdirection, http://research.dyn.com/2013/11/mitm-internet-hijacking/ (accessed 25 January 2015).
  • Johnston, A. M., Gemmell, P. S. 2002. Authenticated key exchange provably secure against man-in-the-middle attack. Journal of Cryptology 15(2):139–148.
  • Langley, A. (April 6 2003). ImperialViolet: Pability Python, http://www.imperialviolet.org/2003/04/06/capability-python.html (accessed 22 February 2015) (April 6, 2003).
  • Meadows, C. 2003. Formal methods for cryptographic protocol analysis: Emerging issues and trends. IEEE Journal on Selected Areas in Communications 44–54.
  • Newton, W. (December 2010). Chaum’s protocol for detecting man-in-the middle: Explanation and discussion, MS Thesis, CSEE Dept., University of Maryland, Baltimore County, pp. 1–63.
  • Oracle, Java cryptography architecture standard algorithm name documentation for Java platform standard edition 7. http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html (accessed 1-27-15).
  • Oracle, Package javax.crypto, http://docs.oracle.com/javase/7/docs/api/javax/crypto/package-summary.html (accessed 1 January 2015).
  • Rescorla, E. 2001. SSL and TLS: Designing and building secure systems. Boston, MA: Addison-Wesley.
  • Rescorla, E. (June 1999). Diffie-Hellman Key Agreement Method, RFC 2631, Internet Engineering Task Force pp. 1–13.
  • Rivest, R. L., Shamir, A. (April 1984). How to expose an eavesdropper, Communications of the ACM 27(4):393–395.
  • Seymour, J. (January 30, 2013). Implementation and evaluation of various man-in-the-middle detection protocols: Detecting an eavesdropper of instant messages using minimal assumptions, Course paper, CMSC-644 Information Assurance, CSEE Dept., University of Maryland, Baltimore County, pp. 1–9.
  • TheNextWeb.com, Lenovo caught installing adware on new computers, http://thenextweb.com/insider/2015/02/19/lenovo-caught-installing-adware-new-computers/ (accessed 21 February 2015).
  • U.S. Patent Office. Prosecution history for U.S. Patent Application 11/388,520 by David Chaum, pp. 1–48.
  • Vaudenay, S. 1995. Secure communications over insecure channels based on short authenticated strings. Advances in Cryptology: CRYPTO 2005. In: Shoup, V., (ed.) vol. LNCS 3621, Springer-Verlag.
  • Wikipedia, Interlock Protocol, http://en.wikipedia.ord/wiki/Interlock_protocol (accessed 24 January 2015).
  • Wikipedia, Zfone, https://en.wikipedia.org/wiki/Zfone (accessed 12 April 2016).
  • Wilcox-O’Hearn, Z. (March 31, 2003). Defense against middleperson attacks. https://web.archive.org/web/20030403000153/ http://zooko.com/defense_against_middleperson_attacks.html (accessed 22 February 2015).
  • Zimmermann, P., Johnston, A., Ed., Avaya, Callas, J. (April 2011). ZRTP: Media path key agreement for unicast secure RTP, RFC 6189, Internet Engineering Task Force, pp. 1–115.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.