Conference paper

Security-Preserving Asymmetric Protocol Encapsulation

Query-response based protocols between a client and a server, such as SSL, TLS and SSH, are asymmetric in the sense that the querying client and the responding server play different roles, and they require two-way linkability between queries and responses within the protocol. We are motivated by the observation that, although results exist in other related contexts, no provably secure scheme has been applied to the setting of client-server protocols, which differ from conventional communications on the above points. We show how to secure the communication of queries and responses in these client-server protocols in a provably secure setting. In doing so, we propose a new primitive, a query-response encapsulation scheme; we give an instantiation and demonstrate how this primitive can be used for our purpose. In our proof of secure encapsulation, we show how to preserve the notion of "local-security".
