Topic
Otway–Rees protocol
About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.
Papers published on a yearly basis
Papers
More filters
••
19 May 2014
TL;DR: Experiment shows that the trusted protocol can achieve security goals and effectively avoid STP attacks with a lower computation overhead and good convergence performance.
Abstract: Attacks executed on Spanning Tree Protocol (STP) expose the weakness of link layer protocols and put the higher layers in jeopardy. Although the problems have been studied for many years and various solutions have been proposed, many security issues remain. To enhance the security and credibility of layer-2 network, we propose a trust-based spanning tree protocol aiming at achieving a higher credibility of LAN switch with a simple and lightweight authentication mechanism. If correctly implemented in each trusted switch, the authentication of trust-based STP can guarantee the credibility of topology information that is announced to other switch in the LAN. To verify the enforcement of the trusted protocol, we present a new credible evaluation method of the STP using a specification-based state model. We implement a prototype of trust-based STP to investigate its practicality. Experiment shows that the trusted protocol can achieve security goals and effectively avoid STP attacks with a lower computation overhead and good convergence performance.
2 citations
••
2 citations
••
25 Nov 2008
TL;DR: This paper proposes an improved authentication and key agreement protocol by employing smart card and random number technology and develops a secure mechanism to protect users' identity privacy and a convenient password change method without the participation of the server.
Abstract: Recently, a privacy enhanced authentication and key agreement protocol was proposed using elliptic curve cryptograph technology. The scheme is insecure, however, against replay attacks within valid period of certificate and loses users' privacy that should be protected. In this paper we propose an improved authentication and key agreement protocol by employing smart card and random number technology. Replay attacks are thus blocked without the need of time synchronization between computers. Moreover, we develop a secure mechanism to protect users' identity privacy and a convenient password change method without the participation of the server. Our protocol is more secure compared with others at similar computation cost in the authentication period.
2 citations
••
02 Oct 2003
TL;DR: The performance analysis of the new Protocol for authentication and key distribution shows that the new protocol has a comparable performance with the Kerberos protocol for short messages and outperforms it for large messages.
Abstract: In the present paper, a new protocol for authentication and key distribution is proposed The new protocol has the aim to achieve a comparable performance with the Kerberos protocol and overcome its drawbacks For authentication of the exchanged messages during authentication and key distribution, the new protocol uses the Message Authentication Codes (MAC) to exchange the Diffie-Hellman components On the other hand, the new protocol uses nonces to ensure the freshness of the exchanged messages Subsequently, there is no need for clock synchronization which will simplify the system requirements The new protocol is analyzed using queuing model, the performance analysis of the new protocol shows that the new protocol has a comparable performance with the Kerberos protocol for short messages and outperforms it for large messages
2 citations
••
TL;DR: An authentication protocol based on authentication option is proposed to protect this proxy mobile IPv6 protocol with IPv4 support, and a SVO formal Analysis method is used to prove the security of this protocol.
Abstract: Proxy mobile ipv6 protocol is a mandatory protocol to support inter-working among heterogeneous mobile broadband networks. In order to support compatibility to IPv4 network, a mobility infrastructure in the proxy mobile ipv6 that provide ipv4 extension is presented in this article. An authentication protocol based on authentication option is proposed to protect this proxy mobile IPv6 protocol with IPv4 support. A SVO formal Analysis method is used to prove the security of this protocol.
2 citations