Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

The Security Analysis on Otway-Rees Protocol Based on BAN Logic

Abstract: This paper analyzes the Otway-Rees protocol based on BAN logic after has introducing the BAN logic. It has verified that the BAN logic can be used formally and prove the correctness and security of the protocols, which indicates that BAN logic is an important tool for analyzing cryptographic protocols. The paper has established the ideal protocol model to Otway-Rees protocol based on the BAN logic, which uses the initial assumption of the protocol and the publicly known assumption of the BAN logic to analyze the security of Otway-Rees protocol.

An Improved SIP Authentication Scheme Based on Server-Oriented Biometric Verification

Abstract: The Session Initiation Protocol (SIP) provides a way to control the wired and wireless Voice over Internet Protocol-based communication over an insecure channel. The SIP protocol is not secure due to relying on an intrinsically open text-based communication, which further stresses the strengthening of SIP authentication protocols. Many solutions have been put forward in the last few years to design the secure and efficient SIP authentication protocols for multimedia. Recently, Zhang et al. proposed a SIP authentication protocol with an enhanced feature that enables the server authenticate the users on the basis of biometric verification. However, after a careful observation, one can witness few limitations regarding privileged insider attack, session specific temporary attack, De-synchronization attack; denial-of-service attack, inefficient password modification and lack forward secrecy compromise. We have proposed a secure scheme countering the identified flaws of Zhang et al. and other contemporary schemes. We also demonstrate the security strength of proposed scheme by employing the formal security analysis under BAN logic.

Energy-efficient source authentication for secure group communication with low-powered smart devices in hybrid wireless/satellite networks

Abstract: We describe a new class of lightweight, symmetric-key digital certificates called extended TESLA certificates and a source authentication protocol for wireless group communication that is based on the certificate. The certificate binds the identity of a wireless smart device to the anchor element of its key chain; keys from the chain are used for computing message authentication codes (MACs) onmessages sourced by the device. The authentication protocol requires a centralized infrastructure in the network: we describe the protocol in a hybrid wireless network with a satellite overlay interconnecting the wireless devices. The satellite is used as the Certificate Authority (CA) and also acts as the proxy for the senders in disclosing the MAC keys to the receivers. We also design a probabilistic nonrepudiation mechanism that utilizes the satellite's role as the CA and sender proxy. Through analysis, we show that the authentication protocol is secure against malicious adversaries. We also present detailed simulation results that demonstrate that the proposed protocol is much cheaper than traditional public key-based authentication technologies for metrics like processing delay, storage requirements, and energy consumption of the smart devices.

Lower and upper bounds for attacks on authentication protocols

Abstract: Many authentication protocols are intended to work correctly in the presence of an adversary that can intercept messages, perform an unbounded number of encryptions and other operations while fabricating messages, and prompt honest principals to engage in an unbounded number of concurrent (i.e., interleaved) runs of the protocol. The amount of local state maintained by a single run of an authentication protocol is bounded. This suggests the existence of upper bounds on the resources needed to attack a protocol. Such bounds provide a rigorous basis for automated verification. We sketch a Language for Authentication Protocols (LAP), based on [WL93], and establish an exponential lower bound on the worst-case number of concurrent runs needed in a successful attack on a LAP protocol. Details appear in [Sto98a]. An exponential upper bound would be too large to enable automated verification. This shows the need to impose additional restrictions on the class of protocols, as done in [Sto98b], which gives a polynomial upper bound. The relevant kinds of statements (slightly simplified) in LAP are: NewValue(v), which generates a unique value (e.g., a nonce or session key) and binds variable v to it; Send(x, t), which sends a message t to x; and Receive(pat), which receives a message m and binds the unbound variables in pattern pat to the corresponding subterms of m. The Receive statement attempts pattern-matching between a candidate message m and the pattern. A pattern can express that the message should be a ciphertext produced with a given key. If m is encrypted with the given key (if any) and there exist bindings for the unbound variables of pat such that pat with those bindings equals m, then the Receive statement executes and establishes those bindings. The Receive statement blocks until this condition is satisfied. A local protocol is a finite sequence of statements satisfying some well-formedness requirements. A protocol is, roughly, a set of local protocols, one for each role (or participant) in the protocol. A secrecy requirement asserts that certain values are not revealed to the adversary.

An Improved Two-Party Authentication Key Exchange Protocol for Mobile Environment

Abstract: Mobile environment has been used in large area range of network. In order to secure communication, a number of schemes have been proposed. The typical schemes are two-party authentication key exchange (2PAKE) protocols. It is based on elliptic curve cryptosystem. The main weakness of the protocol is that attackers have the ability to impersonate a legal user at any time. In addition, it is vulnerable to the public key problem and unknown key share attack. In this paper, we propose a 2PAKE protocol. Our protocol is indeed safer and meets the needs. Hence, the proposed protocol has a great contribution to the area of mobile environment.