Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

A Multi-Factor Security Protocol for Wireless Payment - Secure Web Authentication using Mobile Devices

Abstract: Previous Web access authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. This paper proposes a new protocol using multifactor authentication system that is both secure and highly usable. It uses a novel approach based on Transaction Identification Code and SMS to enforce extra security level with the traditional Login/password system. The system provides a highly secure environment that is simple to use and deploy, that does not require any change in infrastructure or protocol of wireless networks. This Protocol for Wireless Payment is extended to provide two way authentications.

Using SPIN to Verify Security Properties of Cryptographic Protocols

Abstract: This paper explores the use of Spin for the verification of cryptographic protocol security properties. A general method is proposed to build a Promela model of the protocol and of the intruder capabilities. The method is illustrated showing the modeling of a classical case study, i.e. the Needham-Schroeder Public Key Authentication Protocol. Using the model so built, Spin can find a known attack on the protocol, and it correctly validates the fixed version of the protocol.

HB-MP + Protocol: An Improvement on the HB-MP Protocol

Abstract: In this paper, we propose an enhanced version of the HB-MP authentication protocol, called the HB-MP+ protocol. The HB-MP protocol is a lightweight authentication protocol that is suitable for use in passive radio frequency identification (RFID) systems. The HB-MP+ protocol overcomes the man-in-the-middle attack to which the basic HB-MP protocol is vulnerable while maintaining its suitability to low-cost passive RFID systems. We show an effective man-in-the-middle attack against the HB-MP protocol where the attacker utilizes the predictable rotation of the secret key. We enhance the HB-MP protocol by randomizing the rotation of the secret key, which eliminates the vulnerability. We also propose the use of round keys that may be produced by rotation or, more generally, by a one-way function. We analyse the security and performance improvements of our HB-MP+ protocol and find it to be suitable for passive RFID systems.

A semantics-aware approach to the automated network protocol identification

Abstract: Traffic classification, a mapping of traffic to network applications, is important for a variety of networking and security issues, such as network measurement, network monitoring, as well as the detection of malware activities. In this paper, we propose Securitas, a network trace-based protocol identification system, which exploits the semantic information in protocol message formats. Securitas requires no prior knowledge of protocol specifications. Deeming a protocol as a language between two processes, our approach is based upon the new insight that the n-grams of protocol traces, just like those of natural languages, exhibit highly skewed frequency-rank distribution that can be leveraged in the context of protocol identification. In Securitas, we first extract the statistical protocol message formats by clustering n-grams with the same semantics, and then use the corresponding statistical formats to classify raw network traces. Our tool involves the following key features: 1) applicable to both connection oriented protocols and connection less protocols; 2) suitable for both text and binary protocols; 3) no need to assemble IP packets into TCP or UDP flows; and 4) effective for both long-live flows and short-live flows. We implement Securitas and conduct extensive evaluations on real-world network traces containing both textual and binary protocols. Our experimental results on BitTorrent, CIFS/SMB, DNS, FTP, PPLIVE, SIP, and SMTP traces show that Securitas has the ability to accurately identify the network traces of the target application protocol with an average recall of about 97.4% and an average precision of about 98.4%. Our experimental results prove Securitas is a robust system, and meanwhile displaying a competitive performance in practice.

Research on Diffie-Hellman key exchange protocol

Abstract: The purpose of the Diffie-Hellman protocol is to enable two users to exchange a secret key securely that can then be used for subsequent encryption of messages. The protocol itself is limited to exchange of the keys. But because of having no entity authentication mechanism, Diffie-Hellman protocol is easily attacked by the man-in-the-middle attack and impersonation attack in practice. In this paper, we compare the computational efficiency of various authentication methods. Finally an improved key exchange schema based on hash function is given, which improves the security and practicality of Diffie-Hellman protocol.