
Showing papers on "Otway–Rees protocol published in 1997"


Book ChapterDOI
08 Jun 1997
TL;DR: The use, design, and implementation of an asymmetric transport-layer protocol for mobile systems, termed by us Mobile-TCP that provides the TCP functionality, is advocated and implemented.
Abstract: In this paper, we advocate the use, propose the design, and describe the implementation of an asymmetric transport-layer protocol for mobile systems. In an asymmetrically designed protocol, peer functions are implemented through algorithms and procedures that are of substantially different complexity, with the lower complexity procedures used on the mobile device. We have devised and implemented an example of such a communication protocol, termed by us Mobile-TCP that provides the TCP functionality. Although Mobile-TCP is based on the indirect interaction model, the semantics of the TCP protocol are preserved.

175 citations


01 Oct 1997
TL;DR: This document describes how a protocol specifies a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions, and defines the protocol for carrying a negotiated security layer over the connection.
Abstract: This document describes a method for adding authentication support to connection-based protocols. To use this specification, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection. This document describes how a protocol specifies such a command, defines several mechanisms for use by the command, and defines the protocol used for carrying a negotiated security layer over the connection.

171 citations


Proceedings ArticleDOI
10 Jun 1997
TL;DR: A specific theory appropriate to the analysis of authentication protocols is developed, built on top of the general CSP semantic framework, to combine the ability to express protocols in a natural and precise way with the facility to reason formally about the properties they exhibit.
Abstract: The paper presents a general approach for analysis and verification of authentication properties in the language of communicating sequential processes (CSP). It is illustrated by an examination of the Needham-Schroeder public key protocol (R. Needham and M. Schroeder, 1978). The contribution of the article is to develop a specific theory appropriate to the analysis of authentication protocols, built on top of the general CSP semantic framework. This approach aims to combine the ability to express such protocols in a natural and precise way with the facility to reason formally about the properties they exhibit.

129 citations


Patent
27 May 1997
TL;DR: In this paper, the authors present a method and system that allows one or more network protocol emulators, composed of one or more network protocol emulation controllers and one or more network emulation entities, which are overlaid onto the base networks utilizing different communications protocols for the purpose of allowing said one or more networks to be accessed and utilized as if the one or more networks were utilizing protocols emulated by the one or more network emulators.
Abstract: Provided are a method and system that allow one or more network protocol emulators, composed of one or more network protocol emulation controllers and one or more network protocol emulation entities, which are overlaid onto the one or more base networks utilizing different communications protocols for the purpose of allowing said one or more networks to be accessed and utilized as if the one or more networks were utilizing protocols emulated by the one or more network protocol emulators. The method and system utilize the following steps. Apprising the one or more network protocol emulation controllers of network capability information inherent within protocols utilized by the one or more networks onto which the one or more network protocol emulation controllers are overlaid. Directing that the one or more network emulation controllers utilize the one or more network capability information of which they have been apprised to define communication capabilities for certain network protocol emulation entities within the control of the one or more network protocol emulation controllers. Directing either the one or more network protocol emulation controllers or the one or more certain network protocol emulation entities within the control of the network protocol emulation controllers to utilize such defined communications capabilities to ensure that the network protocol emulation entities do not request a communications link to one or more other network protocol emulation entities that substantially exceeds the defined communication capabilities of the one or more other network protocol emulation entities.

43 citations


01 Feb 1997
TL;DR: This document describes a keyed-MD5 transform to be used in conjunction with the IP Authentication Header [RFC-1826] and an option is also specified to guard against replay attacks.
Abstract: This document describes a keyed-MD5 transform to be used in conjunction with the IP Authentication Header [RFC-1826]. The particular transform is based on [HMAC-MD5]. An option is also specified to guard against replay attacks.

40 citations


Journal ArticleDOI
TL;DR: This work shows the IS-41 authentication protocol to be unsound by pointing to multiple flaws in the protocol which allow a network impersonator to gain service without "breaking the CAVE algorithm".
Abstract: Security for cellular and PCS systems in the United States will be based on secret key schemes for authentication and encryption. The effectiveness of security for wireless, as in other applications of cryptography, will depend on the ability of the basic cryptographic algorithms to withstand attacks and on sound protocol design. We show the IS-41 authentication protocol to be unsound by pointing to multiple flaws in the protocol which allow a network impersonator to gain service without "breaking the CAVE algorithm". These flaws effectively nullify authentication.

37 citations


Journal ArticleDOI
TL;DR: This paper presents the first polynomial complexity end-to-end communication protocol in dynamic networks, a simple and efficient method for delivering tokens across an unreliable network, and uses it to derive a file-transfer protocol for sufficiently large files.

34 citations


Proceedings ArticleDOI
09 Apr 1997
TL;DR: A new authentication and key distribution protocol which is adaptable and reliable for communication networks, resistant to various kinds of attacks including guessing attacks, and more adaptable because it reduces several overheads which make the existing protocols more expensive.
Abstract: We propose a new authentication and key distribution protocol which is adaptable and reliable for communication networks. The secrets for authentication, which are chosen from a relatively small space by common users, are easy to guess. Our protocol gives a solution to protect the weak secrets from guessing attacks. Compared with other related work, our protocol is more reliable because it is resistant to various kinds of attacks including guessing attacks, and more adaptable because it reduces several overheads which make the existing protocols more expensive. We show how to apply our protocol to the Q.931 calling sequences and to the World Wide Web model.

26 citations


28 Aug 1997
TL;DR: It is proven that the safety of the protocol does not depend on the synchronization assumption; therefore the protocol can be used safely in cases when there are no absolute guarantees of the clocks being synchronized, which provides important theoretical support for the applicability of the protocol in practical environments.
Abstract: The design and analysis of transport protocols for reliable communications constitutes the topic of this dissertation. These transport protocols guarantee the sequenced and complete delivery of user data over networks which may lose, duplicate and reorder packets. Reliable transport services are required by a wide range of applications such as the World-Wide Web, remote network access, and distributed computing. The design of these protocols is heavily influenced by the parameters of the underlying network infrastructure and by the assumptions about the host computers and applications. Therefore the recent advances in optical transmission and computer technologies stimulated the design of several novel transport protocols. Many of the proposed protocols use similar or at least related techniques. Our goal with this thesis is to improve the understanding of reliable communications by analyzing the protocols that implement this service and to contribute to the design of reliable transport protocols. The basis of our analysis is the formal specification and verification of the protocol mechanisms under investigation. The behavior of the protocol is captured by a state-transition system and properties are established using assertional reasoning. The framework is capable of handling unbounded and modulo-N state variables and capturing real-time aspects of the protocols, which is essential for the modeling of realistic systems. Practical protocols of considerable complexity are specified and verified in the thesis. One advantage of the formal verification is that it increases our confidence in the correctness of these protocols. The formalism forces us to clarify all the details of the working of the protocol and to state explicitly every assumption about the protocol and its environment. During the process of the verification one also gains insight into the mechanisms of the protocol.
But probably the most important result is that during the verification we obtain conditions for the correctness of the protocol in the form of inequalities on some protocol parameters. These conditions allow the comparison of the different protocol mechanisms and can be used to judge the suitability of a protocol for a certain environment. The functionality of transport protocols can be naturally divided into data transfer and connection management. Data transfer deals with the sequenced delivery of user data, while connection management is concerned with the orderly setup and release of connections. In the thesis we study three different data transfer protocols. The usage of timestamps in data transfer protocols is analyzed in detail through the example of the PAWS mechanism which was proposed as an extension to TCP. The analysis reveals that the use of timestamps increases the functionality of the transport protocol by facilitating the simple measurement of round-trip delays, but it also reduces the maximum allowable transmission rate as compared to the plain sliding-window protocol. Another data transfer protocol called SNR is analyzed which is based on the idea of periodic state exchange. We start from an earlier specification of SNR and compare it to the plain sliding-window protocol. The analysis reveals that the maximum transmission speed achievable by that SNR specification is higher than that of the plain sliding-window protocol, but it comes with a serious limitation. In the SNR specification it is assumed that no duplicates are generated by either the network or the transport protocol itself. This assumption may seriously limit the effective performance of the protocol in case of losses in the network and demonstrates the importance of considering all the assumptions when selecting a protocol for a certain environment. The use of timestamps is also investigated in the context of connection management protocols.
The detailed analysis of the connection setup protocol SCMP is presented which is based on the assumption that clocks of computers can be synchronized relatively cheaply even in a large network. In our verification it is proven that the safety of the protocol does not depend on the synchronization assumption, therefore the protocol can be used safely in cases when there are no absolute guarantees of the clocks being synchronized. Since practical clock synchronization algorithms give only probabilistic guarantees, our result provides an important theoretical support of the applicability of the protocol in practical environments. Based on earlier work by others, a family of connection management protocols is analyzed that use a cache to store information needed to shorten the connection setup latency. We contribute to this work by proposing improvements which allow a considerable reduction in the memory usage of these protocols. Furthermore, we show that the correctness of the protocol can be assured without assuming an upper bound on the incarnation lifetime, i.e., the maximum duration of a connection. This result greatly improves the practical applicability of the protocol.

11 citations


Book ChapterDOI
18 Nov 1997
TL;DR: This work explains how a model-based verification method can be used to verify its robustness to attacks by an intruder, and uses this method to find a simpler protocol that remains secure.
Abstract: We use the formal language LOTOS to specify a registration protocol between a user and a Trusted Third Party, that requires mutual authentication. We explain how a model-based verification method can be used to verify its robustness to attacks by an intruder. This method is also used to find a simpler protocol that remains secure.

6 citations


Proceedings ArticleDOI
03 Nov 1997
TL;DR: The paper presents an authentication scheme and a key establishment protocol that can be transparently integrated into the B-ISDN protocol reference model without violating the existing standards.
Abstract: This paper addresses the design and management of security services for ATM networks. Various options for the positioning of security services within the ATM protocol stack are discussed. After considering these possibilities, it is proposed to place the security layer between the AAL and ATM layers. The proposed security layer provides confidentiality, integrity and data origin authentication in the user plane. The paper then presents an authentication scheme and a key establishment protocol. This protocol is integrated with the existing ATM signaling protocol, as part of the call setup procedures. The developed security design can be transparently integrated into the B-ISDN protocol reference model without violating the existing standards.

Proceedings ArticleDOI
M. Takesue
18 Dec 1997
TL;DR: The result shows that the tampering protocol greatly improves the performance with a conventional protocol, and the stream is effective for the process synchronization.
Abstract: This paper proposes a tampering protocol for reducing the coherence transactions in the computations with regular communication patterns. This protocol is a subsidiary of the conventional cache-coherence protocol and is activated on a memory-block basis. If activated for a block, the exclusive copy of that block is frozen in the cache and is accessed (i.e., tampered) with no coherence transactions; otherwise, the coherency is maintained by the conventional protocol. Thus by activating the tampering protocol for the shared data of processes, the latency of communication between the processes reduces. As a by-product, the stream data are effectively implemented with the tampering protocol. The effects of the tampering protocol on the regular computations are evaluated by an RTL simulator of our multiprocessor. The result shows that the tampering protocol greatly improves the performance with a conventional protocol. Then the stream is effective for the process synchronization.

01 Jan 1997
TL;DR: This paper presents an efficient key exchange protocol for cryptographically secure CDMA systems which uses no more than the single REQUEST-RESPONSE protocol of conventional systems.
Abstract: This paper presents an efficient key exchange protocol for cryptographically secure CDMA systems which uses no more than the single REQUEST-RESPONSE protocol of conventional systems. The protocol, based on the Diffie-Hellman scheme, makes synchronisation of the cryptographic spreading sequence easy and uses the existing cryptographic sequence generation hardware for the key protocol computations.