Mission
  Members
  Research
  Publications
  Teaching
  Industrial connections
  Activity reports
  Contact information
  Miscellaneous
 
  Meeting information
 
  Webmail
 
magyar · english
  I. Zs. Berta, I. Vajda
Limitations of humans when using malicious terminals
Tatra Mountains Mathematical Publications, 2004, (to appear).

abstract 

Limitations of humans when using malicious terminals

István Zsolt BERTA, István VAJDA

The user wishes to communicate with a remote partner over an insecure network. Since the user is a human being, a terminal is needed to gain access to the network. In this paper the problem of sending authentic messages from insecure or untrusted terminals is analyzed. In this case attackers are able to gain total control over the terminal, so the user must consider the terminal a potential attacker.

According to our model, the user is able to encrypt or authenticate messages with very small degree of security, so these messages can be broken by the terminal with significant probability. Since the cryptographic abilities of the user are more than limited, and no solution is known for the problem, our assumption seems to be realistic.

In this model, we prove, that if the user lacks the ability to encrypt (and decrypt) messages in one step, the remote partner is unable to help the user in constructing a secret channel. We also present our conjecture, that the case is similar in case of authenticity: If the user is unable to calculate a MAC that cannot be broken by the terminal with high probability, then the remote partner is unable to help the user in constructing an authenticated channel.