A Complete Characterization of Secure Human-Server Communication

David Basin, Saša Radomirović, Michael Schläepfer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)
1 Downloads (Pure)

Abstract

Establishing a secure communication channel between two parties is a nontrivial problem, especially when one or both are humans. Unlike computers, humans cannot perform strong cryptographic operations without supporting technology, yet this technology may itself be compromised. We introduce a general communication topology model to facilitate the analysis of security protocols in this setting. We use it to completely characterize all topologies that allow secure communication between a human and a remote server via a compromised computer. These topologies are relevant for a variety of applications, including online banking and Internet voting. Our characterization can serve to guide the design of novel solutions for applications and to quickly exclude proposals that cannot possibly offer secure communication.

Original languageEnglish
Title of host publication2015 IEEE 28th Computer Security Foundations Symposium
PublisherIEEE
Pages199-213
Number of pages15
ISBN (Electronic)9781467375382
DOIs
Publication statusPublished - 7 Sep 2015
Event28th IEEE Computer Security Foundations Symposium 2015 - Verona, Italy
Duration: 13 Jul 201517 Jul 2015

Publication series

NameComputer Security Foundations Symposium
ISSN (Print)1063-6900

Conference

Conference28th IEEE Computer Security Foundations Symposium 2015
Abbreviated titleCSF 2015
CountryItaly
CityVerona
Period13/07/1517/07/15

Keywords

  • Formal Modeling
  • Security Ceremonies
  • Security Protocols

Fingerprint Dive into the research topics of 'A Complete Characterization of Secure Human-Server Communication'. Together they form a unique fingerprint.

  • Cite this

    Basin, D., Radomirović, S., & Schläepfer, M. (2015). A Complete Characterization of Secure Human-Server Communication. In 2015 IEEE 28th Computer Security Foundations Symposium (pp. 199-213). (Computer Security Foundations Symposium). IEEE. https://doi.org/10.1109/CSF.2015.21