Showing papers on "Otway–Rees protocol published in 1989"

Limitations of challenge-response entity authentication

Abstract: We consider two basic versions of the challenge-response authentication protocol, and exhibit both a method of attack and a simple modification preventing such attacks. We go on to consider three variants of the basic protocols and show that one of them is completely insecure.

Securely replicating authentication services

Abstract: A framework for designing a type of distributed authentication protocol is given, whose security and availability are higher compared to those of centralized ones. It uses the technique of secret sharing and introduces a cross checksum scheme to achieve secure replication. Fewer than a certain number of malicious servers cannot damage security except by causing denial of service, and this only happens when too many honest servers accidentally fail at the same time. The protocol is suited to an environment where no trustworthiness of any server is permanently guaranteed. The approach is general enough not to rely on any particular authentication protocol. Existing implementations need minor modification. Only a short piece of code is needed to run the implementations as many times as required. Hence, different centralized protocols can be incorporated into one distributed protocol. >

An implementation of a zero-knowledge protocol for a secure network login procedure

Abstract: The concept of a zero-knowledge protocol has led to the consideration of the feasibility of implementing a secure password protocol, one that does not involve the transmission of any information concerning the password during the logon process. The authors have constructed a demonstration of the feasibility of the use of such a model, and describe a number of instances in which the zero-knowledge protocol model could practically be used for greater operating system security. The protocol was executed on a Sun-3, model 110, using a number of different values for the size of the secret and also for the number of iterations. It is shown that values of the pair (log p,n) approximating (60,35) can run in approximately five minutes on currently available workstations. >

Encapsulation Security Protocol Design for Local Area Networks

Abstract: Construction of a simple local area network encapsulation security protocol is discussed. The paper illustrates the way that the key distribution scheme, the confidentiality algorithm, and the integrity algorithm drive the protocol construction. A Needham/Schroeder based key distribution scheme, DES Cipher Block Chaining, and the Message Authentication Code are used as building blocks for a sample protocol. The sample protocol provides data origin authentication, confidentiality, and integrity.

Authentication, confidentiality, and integrity extensions to the XNS protocol suite

Abstract: The Xerox Network Systems (XNS) architecture[1] includes all of the security features found in today's most popular protocol suites. In addition, XNS provides strong authentication at the beginning of each conversation. Authentication is the verification that both entities in a conversation are the ones claimed.[2] The Authentication Protocol[3] provides authentication in such a way that no passwords are ever transmitted on the network.