[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: [TLS] OPTLS paper posted
From: Hugo Krawczyk <hugo () ee ! technion ! ac ! il>
Date: 2015-10-15 22:37:23
Message-ID: CADi0yUOth5bb0s8Gxz62TReUXhJHqQe-AjDBowxOtJDVk8myrQ () mail ! gmail ! com
[Download RAW message or body]
The OPTLS paper (preprint) explaining the rationale of the protocol and its
analysis is posted here: http://eprint.iacr.org/2015/978.
The OPTLS design provides the basis for the handshake modes specified in the
current TLS 1.3 draft including 0-RTT, 1-RTT variants, and PSK modes (client
authentication is not covered). OPTLS dispenses with elements that are not
essential to achieve the basic cryptographic security of the protocol.
By following such a "minimalistic" approach, the OPTLS design provides the
flexibility of building different protocol variants that provide varied
performance trade-offs and security features. Some of these variants give
rise
to the current TLS 1.3 modes while others may be useful in the future. In
the
latter class it is worth noting the ability to obtain a protocol that
completely
eliminates online signatures while keeping most of TLS 1.3 unchanged.
The analysis part of the paper covers the basics of key exchange security.
More comprehensive analyses including validation of TLS 1.3 specifications
and
implementations is expected to be covered by future work.
We would like to take this opportunity to thank the TLS Working Group for
insightful discussions and invaluable feedback that led to this work.
Hoeteck and Hugo
[Attachment #3 (text/html)]
<div dir="ltr"><div class="gmail_default" style=""><div class="gmail_default" \
style=""><font face="verdana, sans-serif"><br></font></div><div class="gmail_default" \
style=""><font face="verdana, sans-serif">The OPTLS paper (preprint) explaining the \
rationale of the protocol and its</font></div><div class="gmail_default" \
style=""><font face="verdana, sans-serif">analysis is posted here: <a \
href="http://eprint.iacr.org/2015/978">http://eprint.iacr.org/2015/978</a>. \
</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif"><br></font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">The OPTLS design provides the basis for the handshake modes specified in \
the</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">current TLS 1.3 draft including 0-RTT, 1-RTT variants, and PSK modes \
(client</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">authentication is not covered). OPTLS dispenses with elements that are \
not</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">essential to achieve the basic cryptographic security of the protocol. \
</font></div><div class="gmail_default" style=""><font face="verdana, sans-serif">By \
following such a "minimalistic" approach, the OPTLS design provides \
the</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">flexibility of building different protocol variants that provide \
varied</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">performance trade-offs and security features. Some of these variants give \
rise</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">to the current TLS 1.3 modes while others may be useful in the future. In \
the</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">latter class it is worth noting the ability to obtain a protocol that \
completely</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">eliminates online signatures while keeping most of TLS 1.3 \
unchanged.</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif"><br></font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">The analysis part of the paper covers the basics of key exchange \
security. </font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">More comprehensive analyses including validation of TLS 1.3 \
specifications and</font></div><div class="gmail_default" style=""><font \
face="verdana, sans-serif">implementations is expected to be covered by future \
work.</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif"><br></font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">We would like to take this opportunity to thank the TLS Working Group \
for</font></div><div class="gmail_default" style=""><font face="verdana, \
sans-serif">insightful discussions and invaluable feedback that led to this \
work.</font></div><div class="gmail_default" \
style="font-family:verdana,sans-serif;font-size:small"><br></div><div \
class="gmail_default" style="font-family:verdana,sans-serif;font-size:small">Hoeteck \
and Hugo</div></div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic