UNIVERSITY OF HERTFORDSHIRE

    COMPUTER SCIENCE RESEARCH COLLOQUIUM


		presents
                                                                                
   "Secure Sessions from Weak Secrets" 

		speaker:

     Prof. D. Bruce Christianson 
     (Computer Science, University 
        of Hertfordshire)

      3 December 2003 (Wednesday)

	  Lecture Theatre E350
	    Hatfield Campus
		3 - 4 pm


 Coffee/tea and biscuits will be available.


      Everyone is Welcome to Attend


Abstract:

Sometimes two parties who already share a weak secret $k$ such as a
password wish to share also a strong secret $s$ such as a session key
without revealing information about $k$ to an active attacker.  

We assume that both parties can generate strong random numbers and
forget secrets, and present new protocols for secure strong secret
sharing, based on RSA, Diffie-Hellman, and El-Gamal.  

As well as being simpler and quicker than their predecessors, our
protocols also have stronger security properties.  In particular, our
protocols make no cryptographic use of $s$ and so do not impose subtle
restrictions upon the use which is subsequently made of $s$ by other
protocols.  Neither do we rely upon the existence of hash functions with
serendipitous properties.  

In the course of presenting these protocols, we also consider how to
frustrate some new types of cryptographic and system attack. 

-----
Hertfordshire Computer Science Research Colloquium Abstracts
On-line: http://homepages.feis.herts.ac.uk/~nehaniv/colloq/