Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
01 Sep 1999
TL;DR: It is argued that subtle paradigm shifts often occur during protocol analysis which affect the definition of a protocol attack, and by becoming aware of these paradigm shifts, one can be more aware of what a specific attack actually accomplishes.
Abstract: Authentication protocols are widely believed to be error prone because most analyses conclude with claims of discovering new attacks on the protocols. While proofs of security for authentication protocols are rightly viewed with circumspection, claims of attacks arc rarely challenged. We propose a closer examination of how protocol attacks are defined in the light of different conclusions of four different analyses of the Needham-Schroeder protocols. We argue that subtle paradigm shifts often occur during protocol analysis which affect the definition of a protocol attack. By becoming aware of these paradigm shifts, we can be more aware of what a specific attack actually accomplishes.
16 citations
TL;DR: The improved protocol is able to defeat the modification attack and is as efficient as the Hwang-Shiau-Lai protocol and provides the perfect forward secrecy.
Abstract: Recently, Hwang, Shiau and Lai proposed an efficient authentication key exchange protocol to decrease the computation cost of the Harn-Lin improved protocol. However, the Hawang-Shiau-Lai protocol cannot withstand the modification attack. Therefore, this paper will propose an improved protocol to enhance the security of the Hwang-Shiau-Lai protocol. The improved protocol is able to defeat the modification attack and is as efficient as the Hwang-Shiau-Lai protocol. Moreover, the improved protocol also provides the perfect forward secrecy.
16 citations
22 May 2007
TL;DR: Choi et al. as mentioned in this paper proposed an efficient RFID authentication protocol for a ubiquitous computing environment, OHLCAP (One Way Hash based Low-Cost Authentication Protocol), which reveals that the protocol has several security weaknesses.
Abstract: Choi et al. recently proposed an efficient RFID authentication protocol for a ubiquitous computing environment, OHLCAP (One-Way Hash based Low-Cost Authentication Protocol). However, this paper reveals that the protocol has several security weaknesses : 1) traceability based on the leakage of counter information, 2) vulnerability to an impersonation attack by maliciously updating a random number, and 3) traceability based on a physically-attacked tag. Finally, a security enhanced group-based authentication protocol is presented.
16 citations
TL;DR: A public-key based authentication and key establishment protocol coupled with a sophisticated client puzzle, which together provide a versatile solution for possible DoS attacks and various other common attacks during an authentication process.
Abstract: Network Denial-of-Service (DoS) attacks, which exhaust server resources and network bandwidth, can cause the target servers to be unable to provide proper services to the legitimate users and in some cases render the target systems inoperable and/or the target networks inaccessible. DoS attacks have now become a serious and common security threat to the Internet community. Public Key Infrastructure (PKI) has long been incorporated in various authentication protocols to facilitate verifying the identities of the communicating parties. The use of PKI has, however, an inherent problem as it involves expensive computational operations such as modular exponentiation. An improper deployment of the public-key operations in a protocol could create an opportunity for DoS attackers to exhaust the server's resources. This paper presents a public-key based authentication and key establishment protocol coupled with a sophisticated client puzzle, which together provide a versatile solution for possible DoS attacks and various other common attacks during an authentication process. Besides authentication, the protocol also supports a joint establishment of a session key by both the client and the server, which protects the session communications after the mutual authentication. The proposed protocol has been validated using a formal logic theory and has been shown, through security analysis, to be able to resist, besides DoS attacks, various other common attacks.
16 citations
TL;DR: The analysis results show that the improved “Ping-pong” protocol is more secure than the other two protocols presented, and three detection strategies are compared quantitatively by using the constraint between the information which an eavesdropper can obtain and the interference introduced.
Abstract: In order to transmit the secure message, a deterministic secure quantum direct communication protocol which was called “Ping-pong” protocol was proposed by Bostrom and Felbinger [Bostrom K, et al. Phys Rev Lett, 2002, 89: 187902]. But the protocol was proved very vulnerable, and can be attacked by an eavesdropper. An improved “Ping-pong” protocol is presented to overcome the problem. The GHZ state particles are used to detect eavesdroppers, and the classical XOR operation which serves as a one-time-pad is used to ensure the security of the protocol. During the security analysis, the method of the entropy theory is introduced, and three detection strategies are compared quantitatively by using the constraint between the information which an eavesdropper can obtain and the interference introduced. If the eavesdropper gets the full information, the detection rate of the original “Ping-pong” protocol is 50%; the detection rate of the second protocol which used two particles of EPR pair as detection particles is also 50%; and the detection rate of the presented protocol is 75%. In the end, the security of the proposed protocol is discussed. The analysis results show that the improved “Ping-pong” protocol in this paper is more secure than the other two.
16 citations