
Showing papers on "Data Authentication Algorithm published in 1995"


01 Aug 1995
TL;DR: This document describes an updated version of the IP Authentication Header (AH), which is designed to provide authentication services in IPv4 and IPv6, and obsoletes RFC 2402 (November 1998).
Abstract: This document describes an updated version of the IP Authentication Header (AH), which is designed to provide authentication services in IPv4 and IPv6. This document obsoletes RFC 2402 (November 1998). [STANDARDS-TRACK]

934 citations


Patent
07 Jun 1995
TL;DR: In this paper, the authors proposed a method and apparatus for authenticating a roaming subscriber by converting the challenge into a format compatible with its home system authentication protocol, and processing the converted challenge with the subscriber's secret key and authentication algorithm into an authentication response.
Abstract: A method and apparatus for authenticating a roaming subscriber. In a preferred embodiment, a subscriber receives a challenge (305) that is in a format of a local authentication protocol, and determines (310) whether the local authentication protocol is the subscriber's home system authentication protocol. If it is not, the subscriber converts the challenge into a format (e.g., bit length) compatible (325) with its home system authentication protocol, and processes the converted challenge with the subscriber's secret key and authentication algorithm into an authentication response (330). The authentication response is converted (335) to be compatible with the local authentication protocol, and transmitted (340) to a local system communication unit. The challenge and response are then forwarded to the subscriber's home system (345) for similar conversion and processing, and the subscriber's response is compared against a home system generated response (355).

209 citations


Book ChapterDOI
27 Aug 1995
TL;DR: A new technique for generating a message authentication code (MAC), built on a simple metaphor: to (noncryptographically) hash a string x, cast each of its words into a small number of buckets, xor the contents of each bucket, and collect up all the buckets' contents.
Abstract: We introduce a new technique for generating a message authentication code (MAC). At its center is a simple metaphor: to (noncryptographically) hash a string x, cast each of its words into a small number of buckets; xor the contents of each bucket; then collect up all the buckets' contents. Used in the context of Wegman-Carter authentication, this style of hash function provides the fastest known approach to software message authentication.

143 citations


Journal ArticleDOI
TL;DR: It is claimed that using an uncertified key prudently can give performance advantages and does not necessarily reduce the security of authentication protocols, as long as the validity of the key can be verified at the end of an authentication process.
Abstract: Most authentication protocols for distributed systems achieve identification and key distributions on the belief that the use of an uncertified key, i.e. the key whose freshness and authenticity cannot be immediately verified by its receiving principal while being received, should be avoided during the mid-way of an authentication process. In this paper we claim that using an uncertified key prudently can give performance advantages and does not necessarily reduce the security of authentication protocols, as long as the validity of the key can be verified at the end of an authentication process. A nonce-based authentication protocol using uncertified keys is proposed. Its total number of messages is shown to be the minimal of all authentication protocols with the same formalized goals of authentication. The properties which make the protocol optimal in terms of message complexity are elaborated, and a formal logical analysis of the protocol is performed. The protocol is extended to counter the session key compromise problem and to support repeated authentication, in a more secure and flexible way without losing its optimality.

36 citations


Patent
16 Aug 1995
TL;DR: In this paper, an authentication system of a terminal on a public switched telephone network consisting of a security node associated with a local exchange (10) and a network terminal (14) is described.
Abstract: An authentication system of a terminal on a public switched telephone network comprises a security node associated with a local exchange (10) and a network terminal (14). For one-way authentication, the terminal (14) responds to a call initiation by sending a unique authentication code (R) comprising a number (m) and a secret key (Sj) encrypted according to a first algorithm (F), the secret key being specific to the terminal. The security node constructs the expected authentication code (E) from the number (m), using the first algorithm (F) and a second key which is a function of a terminal identification number (TN), and compares the expected code (E) with the received code (R). In two-way authentication, the security node responds to the call initiation by sending a transaction number (n) to the terminal (14) encrypted according to a second algorithm (fj). The terminal (14) generates the authentication code (R) as a function of the first algorithm (F), the secret key (Sj) and the transaction number (n). The authentication code (R) is sent back to the security node. An expected code (E) is compared with the received one (R) in the same way. In both cases, a match between expected and received authentication codes (E and R) constitutes authentication of the terminal (14), allowing the user access to the network.

34 citations


Journal ArticleDOI
Thomas Johansson
TL;DR: A new way of constructing A2-codes, i.e., authentication codes that protect against deceptions from an opponent and additionally also protect against deceptions from the transmitter and the receiver, is introduced.
Abstract: In this paper we introduce a new way of constructing A2-codes, i.e., authentication codes that protect against deceptions from an opponent and additionally also protect against deceptions from the transmitter and the receiver. The construction uses codes for the rank metric, a well-known field in coding theory. The construction gives improved performance compared with previous work and it also gives an opportunity to use unequal authentication protection when the participants are unequally trusted.

20 citations


Proceedings ArticleDOI
27 Sep 1995
TL;DR: A new public-key user authentication protocol for mobile communication networks is presented, based on Harn's modified ElGamal signature system and the Rabin cryptosystem; it overcomes the shortcomings of the secret-key authentication protocol used in GSM and CT-2 systems, and has a lower computational complexity and a higher security.
Abstract: A new public-key user authentication protocol for mobile communication network is presented based on Harn (see Electronics Letters, vol.30, no.5, p.396, 1994) proposed modified ElGamal signature system and Rabin cryptosystem. It overcomes the shortcomings of secret-key authentication protocol used in GSM and CT-2 systems, and has a lower computational complexity and a higher security.

12 citations


Journal ArticleDOI
TL;DR: This paper shows a method for authenticating messages based on quadratic residues that will detect accidental or deliberate changes to a message, and will verify the sender of the message, both with near certainty.
Abstract: This paper shows a method for authenticating messages based on quadratic residues. The method will detect accidental or deliberate changes to a message, and will verify the sender of the message, both with near certainty. It does not require any preliminary exchange of messages, and does not require publishing any additional data besides each user's public key.

10 citations


Patent
31 Jan 1995
TL;DR: In this paper, the authentication requires that the server read identification information from a portable device, which is produced by a specific algorithm applied to a first identification code supplied by the user, and determines whether authentication is positive or negative.
Abstract: The authentication requires that the server read identification information from a portable device. This information is produced by a specific algorithm applied to a first identification code supplied by the user, and determines whether authentication is positive or negative. The algorithm comprises two main steps. The first stage produces a partial identification code, deduced from the identification code entered by the user. The second stage applies a first non-reversible encryption algorithm to the partial identification code to generate the authentication information. The server holds a master key applicable to a group of users, and the portable device has a secret key operating on the master key.

6 citations


Journal ArticleDOI
TL;DR: The authors demonstrate replay attacks on two authentication and key distribution protocols proposed by Bull, Gong and Sollins (1992) and use the observations leading to the attacks to arrive at more robust versions of the protocols.
Abstract: The authors demonstrate replay attacks on two authentication and key distribution protocols proposed by Bull, Gong and Sollins (1992). The observations leading to the attacks are used intuitively to arrive at more robust versions of the protocols.

4 citations



Proceedings ArticleDOI
30 May 1995
TL;DR: This paper introduces and investigates a weaker kind of authentication, local authentication, and shows that Failure Discovery, a problem introduced by Hadzilacos and Halpern, can be solved with authenticated protocols even if only local authentication is available.
Abstract: Solutions for agreement problems in distributed systems can generally be divided into two classes: authenticated protocols and non-authenticated protocols. Authenticated protocols make use of authenticated messages, i.e., the messages can be signed in a way that a signed message can be assigned unambiguously to the signer. Little has been said about how to achieve this kind of authentication; in some settings this is impossible without a trusted dealer or other mechanisms outside the system. In this paper, we introduce and investigate a weaker kind of authentication, local authentication. It can be achieved within a distributed system with an arbitrary number of arbitrary faults. We then show that Failure Discovery, a problem introduced by Hadzilacos and Halpern, can be solved with authenticated protocols even if only local authentication is available. Since authenticated protocols for this problem have linear message complexity, as opposed to quadratic complexity in the non-authenticated case, the effort of establishing local authentication once results in a substantial reduction of messages in subsequent failure-discovery protocols.

Book ChapterDOI
01 Dec 1995
TL;DR: The purpose of authentication schemes is to add proof to a message that the message is authentic, i.e. it was not sent by an imposter and it has not been altered on its way to the receiver.
Abstract: Among many applications of cryptography, the use of authentication schemes is of great practical importance. The purpose of authentication schemes [3], [10] is to add proof to a message that the message is authentic, i.e. it was not sent by an imposter and it has not been altered on its way to the receiver. The imposter may replace an authenticated message by another message (substitution) or may just try to send his own message (impersonation). The aspect of secrecy could also be introduced here, but in many cases the receiver just wants to be sure that the message is genuine. Think for instance of offices that are communicating with each other.

06 Aug 1995
TL;DR: This contribution proposes the format of the "Algorithm-Specific Information" and "Signature" fields within the "Proposed Generic Authentication Information Element" for authentication IEs based on the Digital Signature Standard (DSS).
Abstract: This contribution proposes the format of the "Algorithm-Specific Information" and "Signature" fields within the "Proposed Generic Authentication Information Element" for authentication IEs based on the Digital Signature Standard (DSS). These fields are designed to allow various levels of authentication "strength" (or robustness), and many of these fields may be omitted in systems that optimize authentication performance by sharing common (public) Digital Signature Algorithm (DSA) parameters. This allows users and site security officers to design their authenticated signaling according to site security and performance requirements.