Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
TL;DR: In this paper, two desynchronization attacks were found to break the protocol and two patches that slightly modify the protocol are presented in order to repair the protocol, two patches were presented in the paper.
Abstract: Security issues become more and more significant in RFID development. Recently, Chien proposed an ultralightweight RFID authentication protocol in order to achieve privacy and authenticity with limited computation and transmission resources. However, we find two desynchronization attacks to break the protocol. In order to repair the protocol, two patches that slightly modify the protocol are presented in the paper.
104 citations
15 Jul 2003
TL;DR: It is demonstrated that these techniques suffice for identifying a number of authentication flaws in symmetric key protocols such as Needham-Schroeder, Otway-Rees, Yahalom and Andrew Secure RPC.
Abstract: We perform a systematic expansion of protocol narrations into terms of process algebra in order to make precise some of the detailed checks that need to be made in a protocol. We then apply static analysis technology to develop an automatic validation procedure for protocols. Finally, we demonstrate that these techniques suffice for identifying a number of authentication flaws in symmetric key protocols such as Needham-Schroeder, Otway-Rees, Yahalom and Andrew Secure RPC.
103 citations
TL;DR: This paper presents an efficient bio-cryptographic security protocol designed for client/server authentication in current mobile computing environment, with a reasonable assumption that server is secure.
Abstract: With fast evolution of mobile devices and mobile network, the need of protecting user sensitive information locally and performing secure user authentication remotely become evermore increasing. Bio-cryptography is emerging as a powerful solution which can combine the advantages of conventional cryptography and biometric security. In this paper, we present an efficient bio-cryptographic security protocol designed for client/server authentication in current mobile computing environment, with a reasonable assumption that server is secure. In this protocol, fingerprint biometric is used in user verification, protected by a computationally efficient Public Key Infrastructure (PKI) scheme, Elliptic Curve Cryptography (ECC). The genuine fingerprint information is hidden in the feature vault which is the mixture of genuine and chaff features. Fingerprint features are not only used for biometric verification but also for cryptographic key generation. Our security analysis shows that the proposed protocol can provide a secure and trustworthy authentication of remote mobile users over insecure network. Experimental results on public domain database show an acceptable verification performance. We also tested the computational costs and efficiency of our protocol on the CLDC emulator using Java ME (previous J2ME) programming technology. The simulation results prove that the proposed protocol suits current mobile environment. Copyright © 2010 John Wiley & Sons, Ltd.
102 citations
28 Oct 2007
TL;DR: This paper formally proves the security of the protocol in the Universal Composability framework, based on number-theoretic assumptions, that has "everlasting privacy": even a computationally unbounded adversary gains no information about specific votes from observing the protocol's output.
Abstract: In this paper we propose a new voting protocol with desirable security properties. The voting stage of the protocol can be performed by humans without computers; it provides every voter with the means to verify that all the votes were counted correctly (universal verifiability) while preserving ballot secrecy. The protocol has "everlasting privacy": even a computationally unbounded adversary gains no information about specific votes from observing the protocol's output. Unlike previous protocols with these properties, this protocol distributes trust between two authorities: a single corrupt authority will not cause voter privacy to be breached. Finally, the protocol is receipt-free: a voter cannot prove how she voted even she wants to do so. We formally prove the security of the protocol in the Universal Composability framework, based on number-theoretic assumptions.
99 citations
31 Aug 2005
TL;DR: A proof of the self-stabilizing nature of the protocol is provided, and the average cost (in time and number of messages) to achieve convergence is experimentally measured.
Abstract: We propose a self-stabilizing and modeless peer-to-peer (P2P) network construction and maintenance protocol, called the Ring Network (RN) protocol. The RN protocol, when started on a network of peers that are in an arbitrary state, will cause the network to converge to a structured P2P system with a directed ring topology, where peers are ordered according to their identifiers. Furthermore, the RN protocol maintains this structure in the face of peer joins and departures. The RN protocol is a distributed and asynchronous message-passing protocol, which fits well the autonomous behavior of peers in a P2P system. The RN protocol requires only the existence of a bootstrapping system which is weakly connected. Peers do not need to be informed of any global network state, nor do they need to assist in repairing the network topology when they leave. We provide a proof of the self-stabilizing nature of the protocol, and experimentally measure the average cost (in time and number of messages) to achieve convergence.
98 citations