Hi,
I am new to the TLS/SSL protocol.
I am exploring the idea of extending OpenSSL to perform authenticated
key exchanges using symmetric techniques running from smart cards and
falling back to asymmetric key exchanges in the normal way if the
smart cards are not present or do not recognise each other.
The motivation is that authenticated key exchanges based on AES-256
and SHA-512 are considered secure against quantum computing attacks
(Shor's and Grover's quantum algorithms) where algorithms such as RSA
and ECC are widely considered insecure.
The proposal in its simplest form:
1) Two smart cards each have a randomly selected ID (256-bit random
number) and share a 256-bit symmetric key mapped to the pair of IDs
2) One of the smart cards is installed on the server, the other on a
client machine
3) The SSL server connects with its smart card, the client does the same
4) The SSL client establishes a connection with the SSL server
5) Somehow the smart cards announce their identities via the modified
SSL protocol without interfering with the normal ID process.
6) If the smart cards recognise each other's ID the smart cards perform
an authenticated key exchange using their shared secret to generate
the session keys for encryption and message authentication. If this
step fails the protocol stops.
7) If the smart cards do not recognise the other's ID the protocol
continues using unmodified asymmetric techniques.
8) In some applications the software calling the SSL may make a
decision to stop if the smart card key exchange failed.
I'm interested to find out if anyone has attempted something similar
and for general feedback from people intimately familiar with the SSL/
TLS protocols.
It is clearly important that the modified version of the SSL protocol
remains interoperable with unmodified SSL/TLS implementations and that
the modified protocol does not interfere with the stability of the
established SSL/TLS user base.
Thanks and best regards,
Benjamin Gittins
Chief Technology Officer
Synaptic Laboratories Limited
W: http://synaptic-labs.com
W: http://vestciphers.com
W: http://hardware-ciphers.com
E: [email protected]
T: +356 9944 9390 (mobile)
TZ: CET (UTC+1)
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
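As an added illustration of steps 5 to 7 of the proposal (this is not code from the post, from Synaptic Laboratories or from OpenSSL), the following Python sketch models the two cards as in-memory tables of peer ID to shared key, derives per-session keys from the shared secret with an HMAC-SHA-512 extract-and-expand construction bound to both IDs and both nonces, and runs an explicit key-confirmation exchange so that a mis-provisioned pair is detected before any application data flows. The card IDs, keys, nonces and the "smartcard-psk-v0" label are constructed sample values; the KDF layout is an assumption, not a TLS key schedule.

```python
import hmac
import hashlib
import os

# Constructed sample data; in the proposal these values live inside the smart cards.
ID_A = bytes.fromhex("aa" * 32)   # card installed on the client
ID_B = bytes.fromhex("bb" * 32)   # card installed on the server
ID_C = bytes.fromhex("cc" * 32)   # card whose key entry disagrees with A's
ID_D = bytes.fromhex("dd" * 32)   # card that A has never been paired with
KEY_AB = bytes.fromhex("01" * 32)

# Step 1: each card maps a peer ID to the 256-bit key shared with that peer.
CARD_TABLES = {
    ID_A: {ID_B: KEY_AB, ID_C: bytes.fromhex("02" * 32)},
    ID_B: {ID_A: KEY_AB},
    ID_C: {ID_A: bytes.fromhex("03" * 32)},   # mis-provisioned: differs from A's entry
    ID_D: {},
}


class HandshakeAbort(Exception):
    """Cards recognised each other but key confirmation failed (step 6: stop)."""


def derive_session_keys(psk, client_id, server_id, client_nonce, server_nonce):
    """HKDF-style extract-and-expand over HMAC-SHA-512 (assumed layout, not TLS).
    Both IDs and both nonces are bound into the expansion so that every session
    yields fresh keys and a transcript from another pair cannot reproduce them."""
    transcript = client_id + server_id + client_nonce + server_nonce
    prk = hmac.new(b"smartcard-psk-v0", psk, hashlib.sha512).digest()  # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < 5 * 32:                                         # expand
        block = hmac.new(prk, block + transcript + bytes([counter]),
                         hashlib.sha512).digest()
        okm += block
        counter += 1
    labels = ["client_write", "server_write", "client_mac", "server_mac", "confirm"]
    return {name: okm[i * 32:(i + 1) * 32] for i, name in enumerate(labels)}


def finished_mac(confirm_key, role, transcript):
    """Key-confirmation value each side sends before any application data."""
    return hmac.new(confirm_key, role + transcript, hashlib.sha512).digest()


def run_handshake(client_id, server_id, client_nonce=None, server_nonce=None):
    """Simulate steps 5 to 7 with both sides in one process.

    Returns ("psk", keys) when the cards agree on a key, ("fallback", None) when
    either card does not recognise the other (step 7: continue with the normal
    asymmetric handshake), and raises HandshakeAbort when both cards recognise
    the ID but confirmation fails (step 6)."""
    client_nonce = client_nonce or os.urandom(32)
    server_nonce = server_nonce or os.urandom(32)

    # Step 5: IDs are announced; each side consults only its own card.
    client_psk = CARD_TABLES[client_id].get(server_id)
    server_psk = CARD_TABLES[server_id].get(client_id)
    if client_psk is None or server_psk is None:
        return ("fallback", None)

    # Step 6: each side derives the session keys independently.
    client_keys = derive_session_keys(client_psk, client_id, server_id,
                                      client_nonce, server_nonce)
    server_keys = derive_session_keys(server_psk, client_id, server_id,
                                      client_nonce, server_nonce)
    transcript = client_id + server_id + client_nonce + server_nonce

    # Key confirmation: the server checks the client's value with its own keys,
    # and the client checks the server's; constant-time compare on both.
    client_finished = finished_mac(client_keys["confirm"], b"client finished", transcript)
    server_finished = finished_mac(server_keys["confirm"], b"server finished", transcript)
    ok_at_server = hmac.compare_digest(
        client_finished, finished_mac(server_keys["confirm"], b"client finished", transcript))
    ok_at_client = hmac.compare_digest(
        server_finished, finished_mac(client_keys["confirm"], b"server finished", transcript))
    if not (ok_at_server and ok_at_client):
        raise HandshakeAbort("cards recognised each other but key confirmation failed")
    return ("psk", client_keys)


if __name__ == "__main__":
    print(run_handshake(ID_A, ID_B)[0])    # psk
    print(run_handshake(ID_A, ID_D)[0])    # fallback
    try:
        run_handshake(ID_A, ID_C)
    except HandshakeAbort as exc:
        print("abort:", exc)
```

Two points a reviewer of the proposal would raise are visible in the sketch: the card IDs travel in the clear in step 5, so a fixed 256-bit ID lets a passive observer link sessions of the same card pair over time, and the fallback decision in step 7 happens before any authentication, so a caller that must not fall back (step 8) has to check the returned mode rather than trust that a connection was established. TLS already standardises pre-shared-key cipher suites (RFC 4279), which is the natural place to fit a card-held symmetric key without changing the handshake's structure.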