Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
18 Aug 2009
TL;DR: This study proposes an improved single sign-on protocol that increases the two data flows which from authentication server AS to ticket-granting server TGS and from TGS to application servers V, and it adopts public key encryption system and USB cryptogram key to prevent password attack.
Abstract: Because of the password attack and the replay attack are existing comparatively serious threats for a traditional single sign-on protocol, and the most methods of this issue solving are all not paying the attention to impact on the whole system caused by unsafe client. In this regard, this study proposes an improved single sign-on protocol. Based on the traditional single sign-on protocol, it increases the two data flows which from authentication server AS to ticket-granting server TGS and from TGS to application servers V, and it adopts public key encryption system and USB cryptogram key to prevent password attack, which is leading to improve the client work efficiency and degrade its security gravity; moreover, it adds the authenticated clients database for the authentication validation and the authorized clients database for the authority validation, which would greatly be enhanced the ability of preventing from the replay attack of the system and benefit to the system’s audit.
11 citations
TL;DR: In this article, an energy-efficient hybrid key management (EHKM) protocol is proposed in which the heterogeneous security requirements of a wireless sensor network are considered to provide differing levels of security with mini- mum communication overhead.
Abstract: In this paper, an energy-efficient hybrid key management (EHKM) protocol is proposed in which the heterogeneous security requirements of a wireless sensor network are considered to provide differing levels of security with mini- mum communication overhead. Additionally, it allows the dynamic creation of high security subnetworks within the wireless sensor network and provides subnetworks with a mechanism for dynamically creating a secure key using a novel and dynamic group key management protocol. The proposed energy-efficient protocol utilizes a combination of pre-deployed group keys and initial trustworthiness of nodes to create a level of trust between neighbors in the network. This trust is later used to allow secure communication between neighbors when creating a dynamic, high security subnetwork within the sensor network. This static and dynamic key management combination creates a hybrid key management protocol. Analysis of the pro- posed protocol with network and cluster sizes and different node failures is performed using the Ns2 network simulator. Additionally, the protocol is compared to other protocols, for example LEAP and a recent dynamic group key management protocol. Additionally, the security of the proposed protocol is analyzed against various attacks by an adversary. Also the overhead due to communication and computation is investigated.
11 citations
TL;DR: The BGSW protocol is redesigned under the concept and a cost-effective solution is shown and it is shown that it is reasonable to design a more efficient authentication protocol despite its loss efficiency in dishonest communication situation.
Abstract: Designing an efficient and secure authentication technique to detect fraudulent behavior is a very important subject in mobile network systems. However, treating each transaction as a suspect seems to contradict the fact that most communication behaviors are honest. Based on this fact, it is reasonable to design a more efficient authentication protocol despite its loss of efficiency in dishonest communication situations. In such a way, an overall cost-effective solution can be obtained. In this paper, the BGSW protocol is redesigned under the concept and a cost-effective solution is shown. However, we have to emphasize that main purpose of this paper is not to improve the BGSW protocol, but to show the new idea that it is reasonable to design a more efficient authentication protocol despite its loss efficiency in dishonest communication situation.
11 citations
01 Jan 2008
TL;DR: Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols, which are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks.
Abstract: Nowadays mobile and fixed networks are trusted with highly sensitive information, which must be protected by security protocols. However, security protocols are vulnerable to a host of subtle attacks, such as replay, parallel session and type-flaw attacks. Designing protocols to be impervious to these attacks has been proven to be extremely challenging and error prone.
11 citations
08 Dec 2014
TL;DR: A novel approach is proposed in the mining of unknown binary protocol state machine that allows to automatically generating the state models for binary protocol by listening to network traces and then based on the state relevant fields to construct the protocol state model.
Abstract: Communication protocol reverse engineering has played an important role in the field of network security. Inferring protocol state machine for unknown protocol is a part of protocol specifications mining. This paper proposed a novel approach in the mining of unknown binary protocol state machine. It allows to automatically generating the state models for binary protocol by listening to network traces. We present a new methodology to align the corresponding fields and extract the state relevant fields from binary protocol communication traces, and then based on the state relevant fields to construct the protocol state model. The experimental results of ARP and TCP show that our approach is effective.
11 citations