Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
08 Nov 2002
TL;DR: In this article, the authors show how the interaction between a protocol and its environment can have a major effect on a protocol, and demonstrate a number of attacks on published and/or widely used protocols that are not feasible against the protocol running in isolation but become feasible in some application environments.
Abstract: Most work on requirements in the area of authentication protocols has concentrated on identifying requirements for the protocol without much consideration of context. Little work has concentrated on assumptions about the environment, for example, the applications that make use of authenticated keys. We will show in this paper how the interaction between a protocol and its environment can have a major effect on a protocol. Specifically we will demonstrate a number of attacks on published and/or widely used protocols that are not feasible against the protocol running in isolation (even with multiple runs) but become feasible in some application environments. We will also discuss the tradeoff between putting constraints on a protocol and putting constraints on the environment in which it operates.
11 citations
22 Oct 2014
TL;DR: An attack algorithm is presented that can be employed to mount a number of attacks on the biometric authentication protocol under investigation and an improved version of the Bringer et al. protocol is proposed that is secure in the malicious or active insider attack model and has forward security.
Abstract: Biometric authentication establishes the identity of an individual based on biometric templates e.g. fingerprints, retina scans etc.. Although biometric authentication has important advantages and many applications, it also raises serious security and privacy concerns. Here, we investigate a biometric authentication protocol that has been proposed by Bringer et al. and adopts a distributed architecture i.e. multiple entities are involved in the authentication process. This protocol was proven to be secure and privacy-preserving in the honest-but-curious or passive attack model. We present an attack algorithm that can be employed to mount a number of attacks on the protocol under investigation. We then propose an improved version of the Bringer et al. protocol that is secure in the malicious or active insider attack model and has forward security.
11 citations
28 Sep 2010
TL;DR: This paper presents a robust and efficient key exchange protocol for nodes authentication in a MANET based on multi-path communication that has a minimal computation and communication overhead that makes it ideally suitable for MANETs.
Abstract: A mobile ad hoc network (MANET) is a collection of mobile nodes that communicate with each other by forming a multi-hop radio network. Security remains a major challenge for these networks due to their features of open medium, dynamically changing topologies, reliance on cooperative algorithms, absence of centralized monitoring points, and lack of clear lines of defense. Design of an efficient and reliable node authentication protocol for such networks is a particularly challenging task since the nodes are battery-driven and resource constrained. This paper presents a robust and efficient key exchange protocol for nodes authentication in a MANET based on multi-path communication. Simulation results demonstrate that the protocol is effective even in presence of large fraction of malicious nodes in the network. Moreover, it has a minimal computation and communication overhead that makes it ideally suitable for MANETs.
11 citations
02 Aug 2005
TL;DR: Analysis shows that the proposed identity-based authentication and key exchange protocol is secure with partial forward secrecy, and efficient for considering the asymmetric wireless environment.
Abstract: Heavily based on the provable security model of Canetti and Krawczyk (CK-model), an identity-based authentication and key exchange (AKE) protocol which uses pairings is proposed for securing heterogeneous wireless access in this paper. By using the CK-model approach, an ideal and secure key exchange protocol was first proposed. Then a full-fledged authenticator is built to provide authentication of the ideal protocol. This completes a practical AKE protocol for heterogeneous environment while carrying the security proof. Analysis shows that our protocol is secure with partial forward secrecy, and efficient for considering the asymmetric wireless environment.
11 citations
01 Nov 2012
TL;DR: This paper scrutinizes the security of a Gen2 based RFID authentication protocol which has been recently proposed by Yi et al.
Abstract: There is a high need for secure authentication protocols conforming with the EPC Class-1 Generation 2 (Gen2 in short) standard. The security analyses of the new born authentication protocols provide some guidelines and lessons that should be considered in the design of new proposals. In this paper, we scrutinize the security of a Gen2 based RFID authentication protocol which has been recently proposed by Yi et al. [8]. Our security analysis highlights important security pitfalls in this proposal. More precisely, we show a simple approach to desynchronize the tag and the reader. Moreover, we present tag impersonation and reader impersonation attacks. Finally, we show how the use of random numbers does not prevent traceability attack. The success probability of all the proposed attacks is 1 and their complexity is minimal since at most one eavesdropped session of the protocol is required.
11 citations