Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
TL;DR: There are many parameters to consider when designing a key exchange protocols for mobile environment and significance of parameters is different, based on the security requirement of application for which protocol is being developed.
Abstract: Background/Objectives: Cryptographic protocols are used for securing information when transmitting it over insecure network such as Internet. This paper’s objective is to study recently proposed key exchange protocols for mobile environment. Methods/Statistical Analysis: In this paper we do a literature survey of recently proposed key exchange protocols for mobile environment. We analyze execution of protocol in three phases i.e. initialization, communication, renewal/ termination phase. In initialization protocol prepares for key exchange process. Next, protocol actually communicates with others to exchange secret key. Third protocol may terminate or renew connection for further communication. We also study activities done by protocols that define characteristics of protocol. Findings: In this paper we find that there are many parameters to consider when designing a key exchange protocols for mobile environment. However, significance of parameters is different, based on the security requirement of application for which protocol is being developed. Strength of a protocol is in the encryption technique that it uses. Hence, stronger encryption techniques results in better security of protocol. Speed of protocol is another important parameter. Length of steps in algorithm of protocol is directly proportional to its speed. A protocol must be able to withstand various attacks on it. A protocol should have high reliability if it is to be used in handling critical data. We found that modern key exchange protocols are not properly analyzed and tested before being proposed. Instead of working on already proposed protocols and solve their vulnerabilities and strengthening them researchers are proposing new protocols without testing them properly for vulnerabilities which are later exploited by malicious users. Applications/Improvements: This research paper will help researchers and protocol designers. It will give them idea about design parameters when designing key exchange protocol. It will enable them to take better decisions.
3 citations
26 Aug 2007
TL;DR: An architecture and secure protocol is proposed, which reduce the number of round trips during authentication phase, and verify its secure properties with a formal tool.
Abstract: In this paper we present a solution for providing a fast transition in heterogeneous mobile networks which involve network access control based on the Extensible Authentication Protocol. The goal is to reduce the time spent on providing access and smooth transition, between different technologies which require to perform authentication to allow network access. We propose and describe an architecture and secure protocol, which reduce the number of round trips during authentication phase, and verify its secure properties with a formal tool.
3 citations
TL;DR: An improvement of the GNY logic about its inability to detect the reflection attacks against some authentication protocols is proposed which takes into account the possible multiple instances (principals) of the same identity in the model.
Abstract: In this paper, the limitation of the GNY logic about its inability to detect the reflection attacks against some authentication protocols is given. An improvement is proposed which takes into account the possible multiple instances (principals) of the same identity in the model.
3 citations
Posted Content•
TL;DR: This note reports major previously unpublished security vulnerabilities in the password-only authenticated three-party key exchange protocol due to Lee and Hwang, which is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication.
Abstract: This note reports major previously unpublished security vulnerabilities in the password-only authenticated three-party key exchange protocol due to Lee and Hwang (Information Sciences, 180, 1702–1714, 2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary.
3 citations
01 Jan 2005
TL;DR: This paper proposes a novel timestamp management method which has the potential to increase the scope of applicability of timestamp-based authentication and key establishment protocols.
Abstract: Timestamp-based authentication and key establishment protocols have received a number of criticisms, despite their potential efficiency advantages. The purpose of this paper is to propose a novel timestamp management method which has the potential to increase the scope of applicability of such protocols. Since timestamp-based protocols typically involve one less message than challenge-response protocols, the potential efficiency gains are considerable.
3 citations