scispace - formally typeset
Search or ask a question
Topic

Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.


Papers
More filters
Journal ArticleDOI
TL;DR: This paper proposes an enhanced EPC-compliant protocol entitled YAYA, by applying some minor modifications to the original protocol so that it provides the claimed security properties.
Abstract: EPC class 1 Generation-2 (or in short term EPC-C1 G2) is one of the most important standards for RFID passive tags. However, the original protocol is known to be insecure. To improve the security of this standard, several protocols have been proposed which are compliant to this standard. In this paper, we analyze the security of a protocol which has been recently proposed by Lo and Yeh (2010). Despite the designers’ claim, which is optimal security, however, we present a passive attack which can retrieve all secret parameters of the tag efficiently. The cost of this attack is eavesdropping only one session of protocol between the tag and a legitimate reader and 216 PRNG-function evaluations in off-line. In addition, we show that an active adversary can retrieve secret parameters more efficiently, that is, with the complexity of two consequence sessions of protocol and without the need for PRNG-function evaluation. The success probability of the given attacks are “1”. To counteract such flaws, we propose an enhanced EPC-compliant protocol entitled YAYA, by applying some minor modifications to the original protocol so that it provides the claimed security properties.

6 citations

Journal ArticleDOI
TL;DR: The MCEPAK protocol is vulnerable to the dictionary attack and an adversary can obtain the passwords of the appliances by eavesdropping the communicated messages in the protocol.
Abstract: Nicanfar and Leung proposed a multilayer consensus elliptic curve based password authenticated key-exchange (MCEPAK) protocol for smart grid. They claimed that their protocol is secure against possible attacks. In this paper, we show that the MCEPAK protocol is vulnerable to the dictionary attack and an adversary can obtain the passwords of the appliances by eavesdropping the communicated messages in the protocol. Moreover, we state that the passwords can be discovered by curious operators of the building area networks and the neighbor area networks. Theses weaknesses motivated us to introduce a chaotic maps based authenticated key exchange protocol for smart grid. To the best of our knowledge, the chaotic maps based key exchange protocol has not yet been devised for smart grid and the same objective has been fulfilled in this paper. In addition, we prove the security of the proposed protocol by a formal analysis.

6 citations

Proceedings ArticleDOI
14 Oct 2011
TL;DR: This paper first analyzes Yeh et al.s security flaws, then, a protocol is proposed that overcomes all the weaknesses of the aforementioned protocol and features user¡¦s anonymity.
Abstract: Authentication and key agreement protocols are foundation for the security of distributed applications. In 2010, Yeh et al. proposed two authenticated key agreement protocols. The second protocol in Yeh et al. features useri¦s anonymity. However, we found that the second scheme is vulnerable to replay attack, masquerade attack, and off-line password attack. In this paper, we first analyze Yeh et al.i¦s security flaws, then, we propose a protocol that overcomes all the weaknesses of the aforementioned protocol.

6 citations

Proceedings ArticleDOI
11 Jan 2009
TL;DR: Results show that the proposed protocol effectively protects networks from the denial of service attack and reduces the time for authenticating the joiner device up to maximum 30% as the number of hops increases.
Abstract: This paper proposes a new authentication protocol for the LR-WPAN. In order to guarantee the reliability and safety of a protocol, this protocol uses the hierarchical authentication. In addition, in order to reduce the impact of the denial of service attack, the proposed protocol performs the authentication between a parent router and a joiner device prior to the authentication between a trust center and the joiner device. Moreover, this protocol reduces the authentication delay by decreasing the number of message exchanges during authentication. We evaluate the safety of the proposed protocol by the security analysis and compare the number of message exchanges of the ZigBee authentication protocol and the proposed protocol when denial of service attack occurs. We also analyze the delay for authentication of the joiner device through the implementation of both protocols. Those results show that the proposed protocol effectively protects networks from the denial of service attack and reduces the time for authenticating the joiner device up to maximum 30% as the number of hops increases.

6 citations

01 Jan 2006
TL;DR: This paper first explores four Bluetooth protocol-level attacks in order to get deeper insights into the weakness of the Bluetooth security design, and proposes enhancements to defend against those attacks.
Abstract: Since its creation, Bluetooth has transformed itself from a cable replacement technology to a wireless technology that connects people and machines. Bluetooth has been widely adapted on mobile phones and PDAs. Many other vendors in other industries are integrating Bluetooth into their products. Although vendors are adapting to the technology, Bluetooth hasn't been a big hit among users. Security remains a major concern. Poor implementation of the Bluetooth architecture on mobile devices has led to some high profile Bluetooth hacks. Weak security protocol designs expose the Bluetooth system to some devastating protocol attacks. This paper first explores four Bluetooth protocol-level attacks in order to get deeper insights into the weakness of the Bluetooth security design. We then propose enhancements to defend against those attacks. Performance comparisons are given based on the implementation of our enhancements on a software based Bluetooth simulator.

6 citations


Network Information
Related Topics (5)
Server
79.5K papers, 1.4M citations
86% related
Encryption
98.3K papers, 1.4M citations
86% related
Wireless ad hoc network
49K papers, 1.1M citations
85% related
Mobile computing
51.3K papers, 1M citations
84% related
Wireless sensor network
142K papers, 2.4M citations
84% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20239
202236
20211
20194
201812
201795