Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
TL;DR: This paper modeled the information flow of xDAuth protocol using high-level Petri nets to understand the protocol information flow in a distributed environment and formal analysis and verification results reveal the fact that the protocol fulfills its intended purpose and provides the security for the defined protocol specific properties.
Abstract: Service-oriented architecture offers a flexible paradigm for information flow among collaborating organizations. As information moves out of an organization boundary, various security concerns may arise, such as confidentiality, integrity, and authenticity that needs to be addressed. Moreover, verifying the correctness of the communication protocol is also an important factor. This paper focuses on the formal verification of the xDAuth protocol, which is one of the prominent protocols for identity management in cross domain scenarios. We have modeled the information flow of xDAuth protocol using high-level Petri nets to understand the protocol information flow in a distributed environment. We analyze the rules of information flow using Z language, while Z3 SMT solver is used for the verification of the model. Our formal analysis and verification results reveal the fact that the protocol fulfills its intended purpose and provides the security for the defined protocol specific properties, e.g., secure secret key authentication, and Chinese wall security policy and secrecy specific properties, e.g., confidentiality, integrity, and authenticity.
12 citations
27 Sep 1995
TL;DR: A new public-key user authentication protocol for mobile communication network is presented based on Harn, which overcomes the shortcomings of secret-key authentication protocol used in GSM and CT-2 systems, and has lower computational complexity and a higher security.
Abstract: A new public-key user authentication protocol for mobile communication network is presented based on Harn (see Electronics Letters, vol.30, no.5, p.396, 1994) proposed modified ElGa-mal signature system and Rabin cryptosystem. It overcomes the shortcomings of secret-key authentication protocol used in GSM and CT-2 systems, and a has lower computational complexity and a higher security.
12 citations
TL;DR: This paper shows the DOS attack on the ROSI protocol, and proposes an improved scheme that conquers the weakness and extends its key agreement function, and improves the server's performance.
Abstract: Robust and simple authentication protocol (ROSI) is a highly efficient authentication protocol. However, its state-synchronization property makes it vulnerable to the denial of service (DOS) attack. This paper shows the DOS attack on the ROSI protocol, and proposes an improved scheme that conquers the weakness and extends its key agreement function, and improves the server's performance.
12 citations
11 Sep 2012
TL;DR: A hash-function based mutual authentication protocol for low-cost RFID-tags in which calculation resources are limited and randomly-picked nicknames shared between theRFID-tag and the back-end system are transmitted in the air.
Abstract: RFID technologies in IoT systems enable to recognize animate or inanimate objects via radio frequency signals. However, RFID has several privacy problems such as object tracking by reading and tracking the ID transmitted from the RFID-tag. To solve such problems, it is required that the RFID-tag should transmit its information to only legitimate readers, i.e., mutual authentication between the RFID-tag and the back-end system is required. This paper proposes a hash-function based mutual authentication protocol for low-cost RFID-tags in which calculation resources are limited. To prevent attackers eavesdropping tag's ID, randomly-picked nicknames shared between the RFID-tag and the back-end system are transmitted in the air. Simulation results show that our protocol consumes less time than a famous mutual authentication protocol, the Gossamer protocol. Security and performance analyses show that our protocol is superior to existing protocols. Thus, this paper demonstrates great potentials in the application into low-cost RFID in IoT systems.
12 citations
20 Apr 2006
TL;DR: The implementation of mobile node's authentication and authorization is presented with PANA (protocol for carrying authentication for network access) protocol, which provides the supports to the basic AAA process of mobile IPv6 nodes and dynamic home agent distribution in the visited network and the secret key distribution.
Abstract: The Diameter protocol is recommended by IETF as AAA (Authentication, Authorization and Accounting) protocol criterion for the next generation network. Because the IPv6 protocol will be widely applied in the intending all-IP network, mobile IPv6 application based on Diameter protocol will play more important role in authentication, authorization and accounting. In this paper, the implementation of mobile node's authentication and authorization is presented with PANA (Protocol for carrying Authentication for Network Access) protocol. It is based on Diameter protocol for the application expansion of mobile IPv6, which provides the supports to the basic AAA process of mobile IPv6 nodes and dynamic Home Agent distribution in the visited network and the secret key distribution. Finally, the correctness of this application expansion is testified with developing the design of protocol based on OpenDiameter.
12 citations