Book ChapterDOI
An End-to-End Authentication Protocol in Wireless Application Protocol
Jong-Phil Yang,Weon Shin,Kyung Hyune Rhee +2 more
- pp 247-259
TLDR
This paper proposes a new authentication protocol based on the design of a new network component that is called CRL-agent and analyzes and evaluates the security strength of the proposed protocol.Abstract:
Mobile commerce is becoming more and more commonplace, but security is still a major concern. To provide security, theWAP (Wireless Application Protocol) forum suggests theWAP security architecture. However, it needs theWAP gateway for intermediate process between the WTLS (Wireless Transport Layer Security) and the SSL (Secure Socket Layer) protocol, and it does not guarantee end-to-end security between the mobile devices and the WAP servers. In this paper, we propose a new authentication protocol to solve this problem. Our solution is based on the design of a new network component that is called CRL-agent. Furthermore, we also analyze and evaluate the security strength of the proposed protocol.read more
Citations
More filters
Proceedings ArticleDOI
An asymmetric authentication protocol for m-commerce applications
Li-Sha He,Ning Zhang +1 more
TL;DR: This paper presents a novel asymmetric end-to-end authentication protocol that is based on the concept of using the wireless access home network of a mobile station to assist its authentication with a service provider.
Book ChapterDOI
Security Enhanced WTLS Handshake Protocol
TL;DR: This paper analyzes the securities of the existing WTLS handshake protocol, and then proposes a security enhanced WTLS Handshake protocol.
References
More filters
Proceedings ArticleDOI
Encrypted key exchange: password-based protocols secure against dictionary attacks
TL;DR: A combination of asymmetric (public-key) and symmetric (secret- key) cryptography that allow two parties sharing a common password to exchange confidential and authenticated information over an insecure network is introduced.
Proceedings ArticleDOI
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise
TL;DR: Two ways to accomplish EKE augmented so that hosts do not store cleartext passwords are shown, one using digital signatures and one that relies on a family of commutative one-way functions.
The S/KEY One-Time Password System
TL;DR: This document describes the S/KEY* One-Time Password system as released for public use by Bellcore and as described in reference [3].
Analysis of the SSL 3.0 protocol
David Wagner,Bruce Schneier +1 more
TL;DR: A number of minor flaws in the protocol and several new active attacks on SSL are presented; however, these can be easily corrected without overhauling the basic structure of the protocol.
Journal ArticleDOI
Public-key cryptography and password protocols
Shai Halevi,Hugo Krawczyk +1 more
TL;DR: This work presents and analyze several simple password authentication protocols, and shows optimal resistance to off-line password guessing attacks under the choice of suitable public key encryption functions, and introduces the notion of public passwords that enables the use of the above protocols in situations where the client's machine does not have the means to validate the server's public key.
Related Papers (5)
Mobile IP registration protocol: a security attack and new secure minimal public-key based authentication
Sufatrio,Kook Yan Lam +1 more
A lightweight identity authentication protocol for wireless networks
An enhanced one-bit identity authentication protocol for access control in IEEE 802.11
Haoli Wang,Aravind Velayutham +1 more