Otway–Rees protocol

About: Otway–Rees protocol is a research topic. Over the lifetime, 1975 publications have been published within this topic receiving 40569 citations.

Cryptanalysis of Flyweight RFID Authentication Protocol

Abstract: Recently, Burmester and Munilla proposed flyweight RFID authentication protocol, which is an EPC-Gen2 compliant protocol. The protocol uses synchronized pseudorandom number generator shared between backend server and tag. They argue that their protocol provides session unlinkability, and is secure against statistical analysis and impersonation attacks. Their protocol is optimal in that it requires 4 passes in case of passive attacker and 6 passes in a scenario of active attacker detection. In this paper, we will show that Burmester and Munilla protocol is vulnerable to desynchronization attack, which leads the system into Denial of Service (DoS) attack. After that, we suggest a remedy to cope with the problem of the protocol.

Authentication of mobile Wireless Sensor Networks

Abstract: Wireless Sensor Network (WSN) contains a lot of sensors called nodes or motes. These sensors sense the environmental data, according to the application, and then communicate with each other, and finally send these data or readings back to the base station. WSN security is an important issue, since motes are usually left to operate unattended in the environment where they were deployed. Intruder may inject false data into the network, thus strong security mechanisms are needed to be implemented in order to protect the network against malicious intruder or attacks. This paper proposed a key distribution and authentication protocol designed to achieve some security requirements of WSNs. The paper introduces a simple protocol for shared key discovery and authentication of massage and entity. The work assumes mobile nodes and proposed a re-authentication protocol for nodes to re-authenticate themselves in the new location. The efficiency of the proposed protocol has been ensured in terms of energy consumption, packet size and the security requirements achieved.

Study of the Attacks on Kerberos Protocol and Countermeasures

Abstract: Kerberos protocol is the most important authentication protocol nowadays,nevertheless it has some limitations and flaws. This paper focuses on a detailed analysis of the two most important kinds of attacks: password attack and replay attack, with the example attacks in the environment of Windows 2000. It also presents an all-around analysis and a summary of the various improved countermeasures as well as a comparison of them, which by showing the advantages and disadvantages of each countermeasure will serve as a reference for the future perfection of the Kerberos protocol.

Implementation of eL2TP Based on Layer Two Tunnel Protocol in Linux

Abstract: This paper analyzes L2TP security in theory and builds a VPN solution called enhancing layer two tunneling protocol(eL2TP) , which is combined with L2TP code in Linux.The solution modifies L2TP’s protocol structure and Header,substitues mutual tunnel authentication like MS-CHAPv2 for original authentication like CHAP, adds a multiple and random authentication after control connections establishment, data encryption, authentication and integrity of data packet, eL2TP can be compatible with L2TP and enhance security of VPN more than L2TP and take advantages of IPSec and PPTP. The new code has been debugged and executed in lab.This paper gives summarization refered to main L2TP code which is modified. At last, some key parameters are discussed.

Trusted Network Connect Protocol for Wireless Environment

Abstract: A trusted network connect protocol WTNCP for wireless environment is proposed,in which the trusted computing technology and non-certificate public key cryptography are utilized.The platform authentication and integrity verification are integrated into the user authentication within 6 rounds in such protocol.The security and performance analysis show that the protocol enhances the security of the authentication protocol and has great advantages in both computing and reduction of communication costs.