Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
TL;DR: It is shown that the end-to-end security protocol for mobile communications with end-user identification/authentication due to Chang et al., (2004) has a serious security flaw and the protocol cannot achieve the claimed security.
Abstract: This letter shows that the end-to-end security protocol for mobile communications with end-user identification/authentication due to Chang et al., (2004) has a serious security flaw. We demonstrate this by presenting a simple but powerful impersonation attack against the protocol so that the protocol is insecure against impersonation attack. Hence, the protocol cannot achieve the claimed security. To overcome such a security flaw, a modification is presented.
3 citations
25 Sep 2014
TL;DR: A Distributed Anonymous Authentication protocol is proposed to resolve the problems of heavy signaling overheads and long signaling delay when authentication is executed in a centralized manner and the advantages of DAA over existing solutions are confirmed.
Abstract: Nowadays, the design of a secure access authentication protocol in heterogeneous networks achieving seamless roaming across radio access technologies for mobile users (MUs) is a major technical challenge. This paper proposes a Distributed Anonymous Authentication (DAA) protocol to resolve the problems of heavy signaling overheads and long signaling delay when authentication is executed in a centralized manner. By applying MUs and point of attachments (PoAs) as group members, the adopted group signature algorithms provide identity verification directly without sharing secrets in advance, which significantly reduces signaling overheads. Moreover, MUs sign messages on behalf of the group, so that anonymity and unlinkability against PoAs are provided and thus privacy is preserved. Performance analysis confirm the advantages of DAA over existing solutions.
3 citations
01 Jan 2003
TL;DR: MKAP (mutual authenticated key agreement protocol) has advantages over other protocols in its security provability and only spends moderate computation cost, so it is quite practical.
Abstract: In the distributed computing environments such as wireless network, the key exchange protocol with mutual authentication is critical to the following secure sessions between communicators and more attentions are paid to the provability of the protocol security. A mutual authentication key agreement protocol, MAKAP (mutual authenticated key agreement protocol) is proposed. The security of the protocol is proved in Bellare-Rogaway's model and its computation cost is also analyzed. MAKAP has advantages over other protocols in its security provability and only spends moderate computation cost, so it is quite practical.
3 citations
TL;DR: The results show that the proposed STPKE’ protocol can resist undetectable online password guessing attacks and achieves the same security level with reduced random numbers and without XOR operations.
Abstract: —In the secure communication areas, three-party authenticated key exchange protocol is an important cryptographic technique. In this protocol, two clients will share a human-memorable password with a trusted server, in which two users can generate a secure session key. On the other hand the protocol should resist all types of password guessing attacks. Recently, STPKE’ protocol has been proposed by Kim and Choi. An undetectable online password guessing attack on STPKE’ protocol is presented in the current study. An alternative protocol to overcome undetectable online password guessing attacks is proposed. The results show that the proposed protocol can resist undetectable online password guessing attacks. Additionally, it achieves the same security level with reduced random numbers and without XOR operations. The computational efficiency is improved by ≈ 30% for problems of size ≈ 2048 bits. The proposed protocol is achieving better performance efficiency and withstands password guessing attacks. The results show that the proposed protocol is secure, efficient and practical.
3 citations
TL;DR: This paper provides an authenticated zero knowledge protocol which is very helpful in establishing secure wireless communication in ad-hoc networks by satisfying cryptographic goals such as authentication, data integrity etc.
Abstract: Entity authentication and key distribution are very important cryptographic problems in mobile communication or in adhoc networks or in wireless communication at large. Mutual entity authentication is seen as the necessary process to the establishment of a secure and authentic connection. For a reliable secure communication, mutual entity authentication is very often seen as the necessity to the establishment of a secure connection. Authentication is necessary in wireless communication such as GSM or for Ad-Hoc purposes [26].Here Latin word ad-hoc means for the specific purpose only. Authentication is also necessary in situations where we need more than two entities in the authentication exchange such as a mobile user, a local AAA (Authentication, Authorization and Accounting) server and a remote (home) AAA server [8,21]. In such situations it is essential to include authentic and secure key exchange mechanism that ensures enhancement of trust in communication. This paper provides an authenticated zero knowledge protocol which is very helpful in establishing secure wireless communication in ad-hoc networks by satisfying cryptographic goals such as authentication, data integrity etc [13].
3 citations