Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

A syntactic approach for identifying multi-protocol attacks

Abstract: In the context of multiple security protocols running in the same environment, we propose a syntactical approach for identifying multi-protocol attacks. The proposed approach uses a canonical security protocol model, where terms that can be verified by protocol participants are denoted by canonical terms. In order to enable the identification of subtle “type-flaw” attacks, where terms can be substituted with other types of terms, we introduce a canonical identifier. The approach is validated by analyzing several security protocol pairs. The attacks discovered by our approach are also discovered by existing security protocol verification tools.

Security Analysis of a Delegation-Based Authentication Protocol for Wireless Roaming Service

Abstract: Portable devices are widely used in our daily life. A delegation-based authentication is used for providing security and privacy for portable communication systems. In the current work, we are concerned with the security for a delegation-based authentication protocol. Firstly, we disclose vulnerability of Tsai et al.’s delegation-based authentication protocol for portable communication systems, then present a feasible solution that eliminates the potential threat to ensure the authenticity, integrity, and confidentiality of involved communications.

A high performance reliable atomic group protocol

Abstract: A novel and efficient group communication (multicast) protocol, based on a single logical-clock token ring approach, is described The protocol is highly efficient and it guarantees total ordering and atomicity of multicast messages for asynchronous distributed systems Unlike other logical token-ring algorithms, the protocol does not have a problem of token loss The optimized fault-tolerant algorithms of the protocol can handle process failures and network partitioning The experiment results of the implemented protocol in a local area network of workstations have demonstrated that its performance is better than any existing solutions in the same environment, especially, for achieving message total ordering and atomic (safe) delivery

Improved Otway Rees protocol and its formal verification

Abstract: Authentication protocol is applied to implement the identity authentication of two communicating entities and build secure communication tunnel through exchanging keys. The paper analyzes the security properties of the original Otway Rees protocol and its existing improved version, it finds that the protocol cannot meet the authentication goals. The paper proposes a novel improved protocol, which eliminates redundancy in the Otway Rees protocol messages and removes the limitations that the Otway Rees protocol cannot resist impersonation attack by modifying message format and adding handshake message. The paper also verifies the security of the improved Otway Rees protocol by utilizing formal method. The analysis results show that the protocol satisfies the strong goals of identity authentication and key distribution.

Research on secure authentication based on session initial protocol

Abstract: At present, most of the session initial protocol (SIP) authentication schemes only provide client-to-server authentication And HTTP digest authentication is one of them The weakness of this scheme in server spoofing and password guessing attacks was analyzed, and a more secure strategy was proposed which avoided these shortcomings The experimental result illustrates that this proposed algorithm is effective