Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

SPACE: Secure Protocol for Address Book based Connection Establishment.

Abstract: We present SPACE an application-level protocol for secure automatic ad-hoc connection-establishment between two devices based on their address book entries. Our protocol is based on the simple premise that if two people have each others contact details in their address books, they probably know and trust each other in some limited way and this can form a basis for a trust relationship between their devices, without additional user intervention. We show how our protocol is resistant to specific security attacks and can accommodate for privacy concerns. Existing connectionestablishment protocols for Bluetooth and IEEE 802.11 have known security flaws, and can be compromised using wellknown techniques and off-the-shelf hardware. In addition, these protocols require explicit user intervention, like entering a passkey. We believe that these factors have directly impacted the widespread application of ad-hoc networking in the context of mobile phones and other consumer devices.

A New Authentication and Key Exchange Protocol for Insecure Networks

Abstract: The security authentication and key negotiation is an important foundation of network security. In this paper, a new authentication and key exchange protocol is presented. The proposed protocol is logically analyzed with the BAN-logic and discussed as a secure protocol. The results of analysis indicate that the protocol is correct and satisfies the security requirements of the Internet key exchange

Authentication primitives for secure protocol specifications

Abstract: We use two authentication primitives proposed recently as a linguistic support for enforcing authentication. They offer a way of abstracting from various specifications of authentication and of obtaining idealized protocols ''secure by construction''. Consequently, they help in proving that a cryptographic protocol correctly implements its corresponding abstract version; when the implementation is incorrect, suggestions on how to fix it may come from reasoning on the abstract specification.

Improvements of authentication tests on detecting type flaw attacks

Abstract: Authentication tests are widely used in formal analysis, design and automatic verification of security protocols. However, they are not sufficient in proving symmetric key protocols, and fail to detect potential attacks on Neuman-Stubblebine protocol. By analyzing the failure reasons of authentication tests, some of their deficiencies have been pointed out. In order to break through these limitations of analytic capability of the original authentication tests, the improved authentication tests (I-ATs) have been proposed. In the I-ATs, the notion of message type is introduced for detecting the possibility of certain replay and interleaving attacks. The proofs of Neuman-Stubblebine protocol and Kao-Chow authentication protocol show that the I-ATs can easily find the type flaw attack on the initial authentication of Neuman-Stubblebine protocol, and give precise proof for Kao-Chow protocol.

Kerberos Authentication Protocol Modeling Using NUSMV Model

Abstract: Authentication is one of the biggest problem related to computer information security in the area of distributed environments. Various protocols are used for the authentication purpose such as Needham-Schroeder protocol Kerberos protocol etc. The aim of this paper is to verify and formalize the Kerberos protocol using NuSMV model checker. The protocol version used in this paper is Kerberos Authentication Protocol. The paper suggests CTL specifications for authentication, secrecy and integrity. We have also proposed an approach to identify presence of intruder in the system.