Showing papers on "Otway–Rees protocol published in 2013"


Book ChapterDOI
18 Aug 2013
TL;DR: This paper shows how to extract a key-encapsulation mechanism (KEM) from the TLS Handshake Protocol, and how the security of the entire TLS protocol follows from security properties of this KEM when composed with a secure authenticated encryption scheme in the Record Protocol.
Abstract: TLS is the most widely-used cryptographic protocol on the Internet. It comprises the TLS Handshake Protocol, responsible for authentication and key establishment, and the TLS Record Protocol, which takes care of subsequent use of those keys to protect bulk data. In this paper, we present the most complete analysis to date of the TLS Handshake protocol and its application to data encryption (in the Record Protocol). We show how to extract a key-encapsulation mechanism (KEM) from the TLS Handshake Protocol, and how the security of the entire TLS protocol follows from security properties of this KEM when composed with a secure authenticated encryption scheme in the Record Protocol. The security notion we achieve is a variant of the ACCE notion recently introduced by Jager et al. (Crypto ’12). Our approach enables us to analyse multiple different key establishment methods in a modular fashion, including the first proof of the most common deployment mode that is based on RSA PKCS #1v1.5 encryption, as well as Diffie-Hellman modes. Our results can be applied to settings where mutual authentication is provided and to the more common situation where only server authentication is applied.

189 citations


Journal ArticleDOI
TL;DR: Comparisons show that the proposed new authentication protocol for wireless sensor networks using elliptic curves cryptography is more suitable for WSNs.
Abstract: User authentication in wireless sensor networks (WSNs) is a critical security issue due to their unattended and hostile deployment in the field. Since sensor nodes are equipped with limited computing power, storage, and communication modules, authenticating remote users in such resource-constrained environments is a paramount security concern. To overcome the weaknesses of Yeh et al.’s protocol, we proposed a new authentication protocol for wireless sensor networks using elliptic curves cryptography. The comparisons show that our protocol is more suitable for WSNs.

148 citations


Journal ArticleDOI
TL;DR: This work proposes a novel approach to automatic protocol reverse engineering based on dynamic program binary analysis and uses it to analyze the previously undocumented C&C protocol of MegaD, a spam botnet that at its peak produced one third of the spam on the Internet.

76 citations


Journal ArticleDOI
TL;DR: A novel approach is presented for automatically reverse engineering application-layer network protocols by extracting protocol keywords from network traces based on their support rates and variances of positions, reconstructing message formats, and inferring protocol state machines.

73 citations


Journal ArticleDOI
Fengjun Zhao, Peng Gong, Shuai Li, Mingguan Li, Ping Li
TL;DR: Security analysis and performance analysis show the proposed improved three-party key agreement protocol using the enhanced Chebyshev chaotic map not only could withstand various attacks, but also has similar performance, which is very suitable for practical applications.
Abstract: Three-party key agreement protocol is an important cryptographic mechanism for secure communication, which allows two parties to authenticate each other with the help of a trusted server. Very recently, Lai et al. proposed a novel three-party key agreement protocol using the enhanced Chebyshev chaotic map and claimed their protocol could withstand various attacks. Unfortunately, in this paper, we will show their protocol is vulnerable to the privileged insider attack and the off-line password guessing attack. To solve the problems, we propose an improved three-party key agreement protocol using the enhanced Chebyshev chaotic map. Security analysis and performance analysis show our protocol not only could withstand various attacks, but also has similar performance. Therefore, it is very suitable for practical applications.

58 citations


Journal ArticleDOI
TL;DR: A secure protocol for spontaneous wireless ad hoc networks which uses a hybrid symmetric/asymmetric scheme and the trust between users in order to exchange the initial data and the secret keys that will be used to encrypt the data is presented.
Abstract: This paper presents a secure protocol for spontaneous wireless ad hoc networks which uses a hybrid symmetric/asymmetric scheme and the trust between users in order to exchange the initial data and to exchange the secret keys that will be used to encrypt the data. Trust is based on the first visual contact between users. Our proposal is a complete self-configured secure protocol that is able to create the network and share secure services without any infrastructure. The network allows sharing resources and offering new services among users in a secure environment. The protocol includes all functions needed to operate without any external support. We have designed and developed it in devices with limited resources. Network creation stages are detailed and the communication, protocol messages, and network management are explained. Our proposal has been implemented in order to test the protocol procedure and performance. Finally, we compare the protocol with other spontaneous ad hoc network protocols in order to highlight its features and we provide a security analysis of the system.

57 citations


Journal Article
TL;DR: The authors shall show that the OSPA protocol is vulnerable to the guessing attacks in this paper.
Abstract: Password authentication is the most important and convenient protocol for verifying users to get the system’s resources. Lin et al. had proposed an optimal strong-password authentication protocol (OSPA) which is a one-time password method. It can protect against the replaying attacks, impersonation attacks, and denial of service attacks. However, the authors shall show that the OSPA protocol is vulnerable to the guessing attacks in this paper.

53 citations


Journal ArticleDOI
TL;DR: This paper proposes a group authentication and key agreement protocol, called EG-AKA, for machine-type communications combining elliptic curve Diffie-Hellman (ECDH) based on EAP framework and demonstrates its efficiency in terms of the signaling overhead, the bandwidth consumption, and the transmission cost.
Abstract: Machine to machine (M2M) communications, also called machine-type communications (MTC), has widely been utilized in applications such as telemetry, industrial, automation, and SCADA systems. The group-based MTC, especially when MTC devices belong to non-3GPP network, will face new challenge of access authentication. In this paper, we propose a group authentication and key agreement protocol, called EG-AKA, for machine-type communications combining elliptic curve Diffie-Hellman (ECDH) based on EAP framework. Compared with conventional EAP-AKA, our protocol guarantees stronger security and provides better performance. Detailed security analysis has shown that the proposed EG-AKA protocol is secure in terms of user and group identity protection and resistance to several attacks. Furthermore, formal verification implemented in AVISPA proves that the proposed protocol is secure against various malicious attacks. Moreover, performance evaluation demonstrates its efficiency in terms of the signaling overhead, the bandwidth consumption, and the transmission cost.

53 citations


Book ChapterDOI
11 Mar 2013
TL;DR: This work presents distance-bounding protocols, how these can deter relay attacks, and the security models formalizing these protocols, and introduces the SKI protocol which enjoys resistance to all popular attack-models and features provable security.
Abstract: Relay attacks (and, more generally, man-in-the-middle attacks) are a serious threat against many access control and payment schemes. In this work, we present distance-bounding protocols, how these can deter relay attacks, and the security models formalizing these protocols. We show several pitfalls making existing protocols insecure (or at least, vulnerable, in some cases). Then, we introduce the SKI protocol which enjoys resistance to all popular attack-models and features provable security. As far as we know, this is the first protocol with such all-encompassing security guarantees.

52 citations


Journal ArticleDOI
TL;DR: The analysis of security of the ECC-based authentication scheme for SIP shows that the scheme is suitable for the applications with higher security requirement and only needs to compute four elliptic curve scale multiplications and two hash-to-point operations.
Abstract: Session Initiation Protocol (SIP) has been widely used in the current Internet protocols such as Hyper Text Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). However, the original SIP authentication scheme was insecure and many researchers tried to propose schemes to overcome the flaws. In the year 2011, Arshad et al. proposed a SIP authentication protocol using elliptic curve cryptography (ECC), but their scheme suffered from off-line password guessing attack along with password change pitfalls. To conquer the mentioned weakness, we proposed an ECC-based authentication scheme for SIP. Our scheme only needs to compute four elliptic curve scale multiplications and two hash-to-point operations, and maintains high efficiency. The analysis of security of the ECC-based protocol shows that our scheme is suitable for the applications with higher security requirement.

40 citations


Journal ArticleDOI
TL;DR: The main goal of this paper is to analyze the security of a multiple-key agreement protocol and to show that this protocol is vulnerable to forgery attack and a new efficient multiple-key agreement protocol is proposed, based on bilinear pairings and utilizes a novel signature scheme without one-way hash functions.

Journal ArticleDOI
TL;DR: This paper proposes an active detection mechanism for NDP based attacks in IPv6 network to overcome these problems and experimental results illustrate the efficacy and performance of the scheme.
Abstract: Internet Protocol version 6 (IPv6) uses Network Discovery Protocol (NDP) to find the Media Access Control (MAC) address to communicate with hosts in a LAN. Like its predecessor, Address Resolution Protocol (ARP) in IPv4, NDP is stateless and lacks authentication by default. The traditional spoofing attacks for exploiting the IP to MAC resolution using ARP in IPv4 are also relevant in NDP. By using spoofed MAC addresses, a malicious host can also launch Denial-of-Service (DoS), Man-in-the-Middle (MiTM) attacks etc. in IPv6 network. Although there are various detection/prevention mechanisms available for IPv4, many of them are not yet implemented in IPv6 as the protocol is relatively new and slowly coming in use. Few mechanisms have been proposed for detection/prevention of these attacks in IPv6, but they either are non-scalable, computationally expensive, require management of cryptographic keys or change in the protocol itself. In this paper, we propose an active detection mechanism for NDP based attacks in IPv6 network to overcome these problems. Experimental results illustrate the efficacy and performance of the scheme.

Journal ArticleDOI
TL;DR: A modified version PKM protocol for both unilateral and mutual authentication, which is termed as Self-organized Efficient Authentication and Key Management Scheme (SEAKS) authentication protocol is proposed to ensure secure end-to-end data transmission using distributed hop-by-hop authentication and localized key management schemes.
Abstract: Mobile Multihop Relay (MMR) network is one of the emerging technologies, especially LTE-Advanced, WiMAX and the Smart grid communications. Ensuring security is one of the most imperative and challenging issues in MMR networks. Privacy Key Management (PKM) protocol is proposed to ensure the security measures in MMR networks. However, the protocol still faces several security threats, specifically Denial of Service (DoS), replay attacks, Man in the Middle (MitM) attacks and the interleaving attacks, which is termed as Medium Access Control (MAC) layer attacks. This paper proposed a modified version PKM protocol for both unilateral and mutual authentication, which is termed as Self-organized Efficient Authentication and Key Management Scheme (SEAKS) authentication protocol. This protocol ensures secure end-to-end data transmission using distributed hop-by-hop authentication and localized key management schemes with a very simple and efficient way. The performance evaluation of the proposed schemes in terms of packet delivery ratio, packet overhead, processing time and the effect of increasing number of rogue relay stations is carried out and compared with the official draft of MMR WiMAX and the SEN XU. The result showed that our proposed scheme out-performed the base line protocols.

Proceedings ArticleDOI
01 Jul 2013
TL;DR: The proposed adaptive multi-channel medium access control (MAC) protocol enables devices to real-time estimate the number of competing devices and adjust their operation parameters to maximize channel utilization.
Abstract: With the emergence of machine-to-machine (M2M) communications, trillions of devices will soon be interconnected to support new applications and services. The success of M2M communication relies on the scalability of underlying network architectures and protocols. In this paper, an adaptive multi-channel medium access control (MAC) protocol is proposed to address the scalability issue in M2M communications. The proposed MAC protocol enables devices to (1) real-time estimate the number of competing devices and (2) adjust their operation parameters to maximize channel utilization. Our numerical results show that the proposed protocol outperforms the existing multi-channel protocols, especially when the number of competing devices is large and fluctuates with time.

Patent
28 Feb 2013
TL;DR: In this article, the first phase comprises an exchange of data during an authentication handshaking protocol, followed by the passing of control for authentication handshake protocol by the data path processor to a control path processor.
Abstract: According to one embodiment of the invention, a method comprises an operation of commencing a first phase and passing control of an authentication handshaking protocol. The first phase is commenced for establishing a secure communication path by a data path processor within a first network device. The first phase comprises an exchange of data during an authentication handshaking protocol. The passing of control for authentication handshaking protocol by the data path processor to a control path processor is conducted to complete the authentication handshaking protocol.

Proceedings ArticleDOI
07 Apr 2013
TL;DR: Analysis shows that the proposed novel secure RFID authentication protocol can not only efficiently resist the tag information leakage and the tag tracing attack, but also have a significant advantage in performance over Yeh et al.'s protocol.
Abstract: As low-cost tags based on the EPC C-1 G-2 standard are much limited in storage capacity and computation power, most of the existing authentication protocols are too complicated to be suitable for these tags, and the design of authentication protocols conforming to the EPC C-1 G-2 standard is a big challenge. Recently, a mutual authentication protocol for RFID conforming to the EPC C-1 G-2 standard was proposed by Yeh et al., and it is claimed that this protocol has solved all security vulnerabilities in the existing RFID protocols. However, in fact, it is proven that this scheme is vulnerable to the tag tracing attack and suffers from the information leakage issue, and the complexity of the successful attack is only 2^16. To address these issues efficiently, a novel secure RFID authentication protocol conforming to the EPC C-1 G-2 standard is proposed. In the new scheme, the attack complexity is raised to 2^32 without changing the length of any protocol data. Analysis shows that our protocol can not only efficiently resist the tag information leakage and the tag tracing attack, but also have a significant advantage in performance over Yeh et al.'s protocol.

Journal ArticleDOI
TL;DR: This paper improves the performance of Tree-based protocol with the property of Toeplitz matrix and finds that the Tree-LSHB+ protocol is still a good choice for RFID authentication.
Abstract: In this paper, we propose an enhancement of the Tree-based authentication protocol, named as the Tree-LSHB+ protocol. The protocol is a lightweight authentication protocol that is suitable for use in radio frequency identification (RFID) systems. Compared with the Tree-based HB authentication protocol, our protocol provides mutual authentication in authentication stage. The authentication keys stored in the reader and the tag are also updated when the mutual authentication succeeds. It means that two drawbacks can be avoided in the Tree-based authentication protocol, one is that only the reader authenticates the tag and the other is that the secret keys stored in the tags remain unchanged all the time. We also improve the performance of Tree-based protocol with the property of Toeplitz matrix and find that the Tree-LSHB+ protocol is still a good choice for RFID authentication.

Journal ArticleDOI
TL;DR: A new union authentication protocol of cross-domain that can ensure the security of resource access in different domains, where the register keys of members in one domain are submitted to the key authentication center, rather than the private keys.
Abstract: With the development of network service technology such as grid computing, cloud computing, the cooperation among multiple domains is needed for these intelligent services that have the unlimited space and the unlimited speed. This paper proposes a new union authentication protocol of cross-domain that can ensure the security of resource access in different domains, where the register keys of members in one domain are submitted to the key authentication center, rather than the private keys. This authentication protocol can avoid the shortcoming that it is complex to deliver certification in the traditional cross-domain authentication based on PKI and prevent the authority counter from pretending to be a member to access resources in other domains in the current identity-based authentication. The performance analysis shows that the proposed authentication protocol has good anonymity and can track the entities when there are the inconsistent cases. At last, a prototype system that can implement the authentication protocol is given.

Journal ArticleDOI
TL;DR: This paper proposes a robust authentication protocol based on Elliptic Curve Cryptography (ECC), which meets the requirement of resource-limited RFID systems and possesses remarkable security properties in RFID system and the immunity against the possible malicious attacks.
Abstract: The security and privacy of the tag carrier has become the bottleneck of Radio Frequency Identification (RFID) system development further. In this paper, we propose a robust authentication protocol based on Elliptic Curve Cryptography (ECC), which meets the requirement of resource-limited RFID systems. Our protocol achieves mutual authentication and possesses lightweight feature by reducing the computation cost over the tag end. Moreover, the proposed protocol possesses remarkable security properties in RFID system and the immunity against the possible malicious attacks as well as an excellent performance through the detailed security analysis. Performance evaluation and function comparison demonstrate that our protocol makes a balance between cost and security in RFID authentication protocol. Compared to the previous relevant RFID authentication protocols, our protocol improves efficiency, enhances robustness, which is well suitable for RFID tags with the scarceness of resources.

Journal ArticleDOI
TL;DR: It is shown that AP-AKA has some drawbacks, including the huge bandwidth consumption between foreign network and the home network, the overhead of the stored space in the foreign network, and the overloaded home network with authentication of mobile stations.
Abstract: Recently, Zhang and Fang proposed a security analysis and enhancements of 3GPP authentication and key agreement protocol (AP-AKA for short). The enhancements of 3GPP authentication and key agreement protocol is proposed to improve some drawbacks of the current third-generation wireless communications. It also eliminates the need of synchronization between a mobile station and its home network. However, this paper shows that AP-AKA has some drawbacks, including the huge bandwidth consumption between foreign network and the home network, and the overhead of the stored space in the foreign network, and the overloaded home network with authentication of mobile stations. As a result, an extension of AP-AKA is proposed, which improves these drawbacks, while preserving the superior merits of AP-AKA.

Book ChapterDOI
04 Dec 2013
TL;DR: This work investigates the possibility to provide active authentication almost "for free" with the PACE|CA protocol, by re-using some of the randomness from the PACE protocol for authentication.
Abstract: The International Civil Aviation Organization (ICAO) has adopted the password-based connection establishment protocol (PACE) for securing the contactless communication between the machine-readable travel documents and the readers at border controls. This Diffie-Hellman based protocol achieves impersonation resistance at password strength. To reinforce authentication of the travel documents beyond this low-entropy security, the challenge-response based active authentication protocol could be executed afterwards. However, this optional protocol is often omitted for efficiency reasons. In order to salvage strong security we investigate the possibility to provide active authentication almost "for free" with the PACE|CA protocol, by re-using some of the randomness from the PACE protocol for authentication.

Journal Article
TL;DR: This paper discusses the security for a simple and efficient three-party password-based authenticated key exchange protocol proposed by Huang most recently and proposes an enhanced protocol that can defeat the attacks described and yet is reasonably efficient.
Abstract: This paper discusses the security for a simple and efficient three-party password-based authenticated key exchange protocol proposed by Huang most recently. Our analysis shows her protocol is still vulnerable to three kinds of attacks: 1). undetectable on-line dictionary attacks, 2). key-compromise impersonation attack. Thereafter we propose an enhanced protocol that can defeat the attacks described and yet is reasonably efficient.

Journal ArticleDOI
TL;DR: In this paper, the authors proposed an extended version of the ping-pong protocol, which incorporates the usage of mutually unbiased bases in the control mode, and provided the upper bounds on eavesdropping average non-detection probability and proposed a control mode modification that increases the attack detection probability.
Abstract: In this paper we propose an extended version of the ping-pong protocol and study its security. The proposed protocol incorporates the usage of mutually unbiased bases in the control mode. We show that, by increasing the number of bases, it is possible to improve the security of this protocol. We also provide the upper bounds on eavesdropping average non-detection probability and propose a control mode modification that increases the attack detection probability.

01 Jan 2013
TL;DR: This investigation shows that the proposed hash-based RFID mutual authentication protocol can provide mutual authentication and untraceability as well as resistance to replay, denial-of-service and man-in-the-middle attacks, while retaining a competitive computation cost.
Abstract: Radio Frequency Identification (RFID) tags, due to their ability to uniquely identify every individual item and low cost, are well suited for supply chain management and are expected to replace barcodes in the near future. However, unlike barcodes, these tags have a longer range in which they are allowed to be scanned, subjecting them to unauthorized scanning by malicious readers and to various other attacks, including cloning attacks. Privacy and security concerns inhibit the fast adaption of RFID technology for many applications. A number of authentication protocols that address these concerns have been proposed but real-world solutions that are secure and maintain low communication cost are still needed and being investigated. Recently, Cho et al. proposed a hash-based RFID mutual authentication protocol using a secret value. However, this paper shows that Cho et al.’s protocol is weak against desynchronization attack and proposes a remedy mutual authentication protocol, which offers a high level of security based on hash operation with synchronized secret. The protocol is applicable to resource, power and computationally constraint platforms such as RFID tags. Our investigation shows that it can provide mutual authentication and untraceability as well as resistance to replay, denial-of-service and man-in-the-middle attacks, while retaining a competitive computation cost.

Book ChapterDOI
18 Oct 2013
TL;DR: This paper proposes RAP, a challenge-response authentication protocol that is able to detect and prevent the beacon replay attack, and provides an analysis that highlights the trade-offs between the energy consumption and the level of security, defined as the resilience of the protocol to space exhaustion.
Abstract: In receiver-initiated MAC protocols for Wireless Sensor Networks (WSNs), communication is initiated by the receiver of the data through beacons containing the receiver's identity. In this paper, we consider the case of a network intruder that captures and replays such beacons towards legitimate nodes, pretending to have a fake identity within the network. To prevent this attack we propose RAP, a challenge-response authentication protocol that is able to detect and prevent the beacon replay attack. The effectiveness of the protocol is formally verified using OFMC and ProVerif. Furthermore, we provide an analysis that highlights the trade-offs between the energy consumption and the level of security, defined as the resilience of the protocol to space exhaustion.

Proceedings ArticleDOI
24 Oct 2013
TL;DR: This paper presents a secure mutual authentication protocol for RFID systems that is based on symmetric key technique with an efficient key updating mechanism to improve the system security against replay, eavesdropping and man-in-the-middle attacks while maintaining lower computation, communication and storage.
Abstract: RFID systems are being used in various pervasive applications. Therefore, security and privacy protection is an important issue that needs to be addressed. In this paper, we present a secure mutual authentication protocol for RFID systems that is based on symmetric key technique with an efficient key updating mechanism. The objective is to improve the system security against replay, eavesdropping and man-in-the-middle attacks while maintaining lower computation, communication and storage. We also compare our authentication method with some recent protocols that deploy the same cipher (XTEA) by implementing the protocols on the same RF based system. Our proposed authentication protocol provides higher security level and lower computation and communication costs.

Journal ArticleDOI
TL;DR: Compared to other authentication protocols with respect of security and performance, the results show that the proposed protocol is feasible for RFID tags which are low cost and resource-constrained devices.
Abstract: Last few years, many security schemes are designed for RFID system since the release of the EPC Class 1 Generation 2 standard. In 2010, Yeh et al. proposed a new RFID authentication protocol conforming to EPC Class 1 Generation 2 standard. Yoon pointed that their protocol still had two serious security problems such as DATA integrity problem and forward secrecy problem. Then he proposed an improved protocol which claimed to eliminate the weakness in 2011. This paper shows that Yoon’s protocol had no resistance to replay attack and did not resolve the problem of data forge and tag’s location privacy. An improved protocol is also proposed to protect RFID system from all major attacks. By comparing to other authentication protocols with respect of security and performance, the results show that the proposed protocol is feasible for RFID tags which are low cost and resource-constrained devices.

Journal ArticleDOI
TL;DR: A secure multicast key protocol with perfect forward secrecy is proposed to ensure confidentiality and authentication of this kind of e-mail system, which employs the Chinese Remainder Theorem, RSA public key cryptosystems, and one-way hash functions.
Abstract: Electronic mail (e-mail) systems are widely used in the Internet. A user usually needs to send an e-mail to a group of users. In this paper, a secure multicast key protocol for e-mail systems with providing perfect forward secrecy is proposed to ensure confidentiality and authentication of this kind of e-mail system. The protocol employs the Chinese Remainder Theorem, RSA public key cryptosystems, and one-way hash functions. The protocol can save redundant key materials used for the e-mails. Via the security analysis, the protocol can satisfy the security requirements. In addition, we analyze the computation complexity of the protocol. The result showed that the protocol can save the computation cost for each e-mail sender. Copyright © 2012 John Wiley & Sons, Ltd.

Proceedings ArticleDOI
09 Sep 2013
TL;DR: This work proposes an efficient and lightweight certificateless authentication protocol for WBAN that reaches anonymity, mutual authentication, non-repudiation and some other security features, and a comparison of security features between the proposed protocol and the other schemes.
Abstract: The emergence of wireless body area networks (WBAN) provides ubiquitous wireless communication services for users. But the characteristic of WBAN makes it inevitably suffer from many kinds of attacks, in order to ensure the safety of data (especially the user's privacy information) in transmission and storage. We propose an efficient and lightweight certificateless authentication protocol for WBAN. The protocol reaches anonymity, mutual authentication, non-repudiation and some other security features. Moreover, the BAN network coordinator (BNC) only performs some relatively simple operations. The proposed certificateless authentication protocol is based on the design idea of short certificateless signature scheme. Finally, we give a comparison of security features between the proposed protocol and the other schemes. The result shows our scheme has higher computing efficiency and security.

Journal ArticleDOI
TL;DR: An improved user authentication protocol based on Elliptic Curve Cryptography (ECC) has been introduced for hierarchical wireless sensor networks (HWSN) and shows that the ECC based protocol is suitable for wireless sensor networks where higher security is demanded.
Abstract: User authentication in case of wireless sensor network is a very critical task, as sensor nodes are deployed in unattached environment and are prone to possible hostile network attacks. Any authentication protocol in WSN must be designed keeping the fact that sensor nodes have limited computing power, memory, energy and communication capabilities. In this paper, an improved user authentication protocol based on Elliptic Curve Cryptography (ECC) has been introduced for hierarchical wireless sensor networks (HWSN). This paper shows that the ECC based protocol is suitable for wireless sensor networks where higher security is demanded. Besides this the proposed scheme provides mutual authentication and a secret session key for communication between the user and the cluster head. It also provides an option for addition or replacement of cluster head in the network whenever there is a need.